When Anthropic launched Project Glasswing in April with roughly 50 technology companies, the program looked like a carefully contained experiment. As of June 2, it has grown considerably. The company announced it is extending access to Claude Mythos to an additional 150 organizations in more than 15 countries, pushing the program's total partner count to around 200 and adding sectors that were absent from the original cohort: power generation, water utilities, healthcare networks, communications providers and hardware manufacturers.
The expansion reflects both confidence in what the initial cohort has produced and a broader judgment that the most consequential software vulnerabilities are not concentrated in the technology industry. They are spread across the infrastructure that modern economies depend on.
New Partners and Why They Matter
Among the organizations now joining Glasswing are Okta, the identity and access management firm whose products sit at the authentication layer of millions of enterprise environments, and South Korean technology groups Samsung, SK Hynix and SK Telecom. NATO, the 32-member military alliance headquartered in Brussels, is also on the expanded list, as is ENISA, the European Union's cybersecurity agency. The involvement of a military alliance and a major intergovernmental regulator marks a meaningful shift in the program's character. Glasswing began as a software vendor coordination effort. It is now also a matter of national security infrastructure.
Anthropic estimates that a major cyberattack affecting many of the newly added organizations could disrupt services for more than 100 million people, creating national and global security risks that extend well beyond any single vendor's patch cycle. That framing shapes the logic of the expansion. Giving those organizations early access to Mythos-class vulnerability scanning is Anthropic's version of hardening the most critical systems before the model's capabilities become more broadly accessible.
Project Glasswing: Expansion by the Numbers
- New organizations added150
- Total Glasswing partners~200
- Countries represented15+
- High/critical flaws found to date10,000+
- New sectors addedPower, water, healthcare, communications, hardware
- Named new partnersOkta, Samsung, SK Hynix, SK Telecom, NATO, ENISA
A Programme That Is Producing Results
The initial cohort of approximately 50 partners has not simply received the model and sat on the findings. Anthropic reports that Glasswing partners have surfaced more than 10,000 high- or critical-severity security vulnerabilities since the program launched in April. At that scale, the program is generating findings at a rate that no conventional security audit could match. Most of those flaws were previously unknown; the responsible disclosure timeline Anthropic has set means patches are moving through the coordinated process before the details become public.
The results have been enough to justify broadening access. They have also shaped how Anthropic approached the expansion. New partners must meet security requirements before gaining access, and the model itself remains behind the same controlled infrastructure used by the founding partners. Glasswing is not an open API call. It involves Anthropic's compute, human review of findings and formal disclosure coordination through the same pipeline used from the beginning.
"The organizations in this new group are based in more than 15 countries, and most provide critical infrastructure to many more. We estimate that a major cyberattack affecting many of these organizations could impact more than 100 million people." Anthropic, Project Glasswing expansion announcement, June 2, 2026
A Public Release Is on the Horizon
One of the more consequential pieces of the announcement is a commitment, however qualified, to a public Mythos-class model release. Anthropic confirmed that publicly available models with Mythos-level capabilities are on the roadmap, while stopping short of naming a date. The framing echoes the company's earlier commitment to a public Mythos-class release and its standing position: public availability depends on defenders catching up, not on a calendar. With 200 organizations now scanning their codebases and a growing body of patched vulnerabilities, the gap is narrowing.
For Glasswing partners, the expansion also raises practical questions. The initial cohort was built around technology companies with mature security teams. Adding power utilities and healthcare networks introduces organizations whose security operations vary considerably in depth. Anthropic has not specified whether the access model or the expected pace of disclosure changes for those sectors. The involvement of ENISA suggests some of the coordination overhead may run through regulators rather than directly between Anthropic and each partner. NATO's participation implies a separate set of classification and information-sharing constraints that do not apply to commercial software vendors.
What This Signals for the Industry
Project Glasswing has moved from a proof of concept to something closer to a standing institution. The ENISA evaluation of Claude Mythos established that European regulators were willing to engage with the model's capabilities on their own terms. Adding NATO takes that relationship a step further, into the domain of collective defence rather than regulatory oversight. It is a signal that the program is being treated, by governments, as a genuine policy instrument rather than a corporate pilot.
For security professionals outside the coalition, the expansion does not change the immediate picture. Findings are still under coordinated disclosure, patches are still moving through proprietary channels, and the public Mythos-class release remains conditional. What the expansion does signal is that Anthropic has no intention of winding down the program as patching velocity slows. At 200 partners across 15 countries and six new critical infrastructure sectors, Project Glasswing has become infrastructure in its own right.
