Anthropic is going all-in on cybersecurity defense, announcing Tuesday that its Project Glasswing initiative has expanded to approximately 150 new organizations across more than 15 countries—bringing AI-powered vulnerability scanning to critical infrastructure that, if compromised, could affect hundreds of millions of people worldwide.

The Mythos Model Takes Center Stage

At the core of this expansion is Claude Mythos, which Anthropic has called its most powerful model yet. Early testing proved the hype warranted: in just several weeks, Mythos identified thousands of zero-day vulnerabilities across partner codebases. Back in early April, Anthropic granted 50 initial partners—including components of the U.S. government—access to what was then called Claude Mythos Preview. Now that number has tripled, with access extended to organizations maintaining codebases that other companies and governments depend on daily.

Who's In the Club

The expanded roster reads like a who's-who of global critical infrastructure: Okta (identity and security management), Samsung and SK Hynix (semiconductor manufacturing), SK Telecom (South Korean telecommunications), NATO's Brussels headquarters, and the EU's cybersecurity agency ENISA. The geographic spread covers U.S.-friendly nations including Australia, Canada, France, Germany, Italy, Switzerland, Netherlands, Spain, Belgium, Sweden, India, Japan, New Zealand, and South Korea. These sectors—power, water, healthcare, communications, and hardware—weren't well-represented in the initial cohort, Anthropic noted. "What each partner has in common is that a successful attack on their codebase could be catastrophic," the company stated. "For most partners, we estimate that a major attack could affect more than 100 million people, with important ramifications for both global and national security."

The IPO Context Hangs Over Everything

The timing of this announcement matters. It landed just one day after Anthropic revealed it had filed confidentially for an initial public offering—a move following a massive $65 billion funding round that valued the company at nearly $1 trillion. Getting Mythos embedded into critical infrastructure partnerships before going public is strategic positioning: these aren't just security wins, they're enterprise relationships with serious switching costs once baked into national security architectures.

The Cybersecurity Arms Race Is Real

Anthropic isn't operating in a vacuum. Rival OpenAI has already released its own cybersecurity-focused model, GPT-5.5-Cyber, rolling it out to a large group of partners for testing. Anthropic acknowledges this reality directly, stating it expects other AI companies to develop comparable capabilities soon—which is exactly why the firm is racing to establish safeguards and lock in partnerships through Project Glasswing before competitors catch up.

Key Takeaways

  • Claude Mythos identified thousands of zero-day vulnerabilities in just weeks during initial testing
  • Access now covers power, water, healthcare, communications, and hardware sectors across 15+ countries
  • Major partners include Okta, Samsung, SK Hynix, NATO, and EU cybersecurity agency ENISA
  • Anthropic's IPO filing comes fresh off a $65B funding round at ~$1T valuation

The Bottom Line

Anthropic is playing the long game here—getting Mythos into the codebases of power grids and telecom providers before regulators mandate it or competitors muscle in. This isn't just about selling AI; it's about becoming load-bearing infrastructure yourself, which makes the IPO look less like a cash grab and more like the next logical chapter.