Anthropic Expands Mythos AI Access to 150 Groups as Cybersecurity Arms Race Intensifies

Anthropic is expanding access to Claude Mythos Preview, its most capable frontier model, to approximately 150 additional organizations across more than 15 countries. The expansion, announced Tuesday, significantly broadens Project Glasswing, the company's joint industry initiative to find and fix critical software vulnerabilities using AI. TechCrunch reports the new recipients include critical infrastructure operators in power, water, and healthcare sectors. Bloomberg notes Anthropic has maintained that Mythos is too dangerous for general public release, a restriction that has governed the model's deployment since its unveiling.

The timing carries additional weight. The expansion came one day after Anthropic filed confidentially for an initial public offering, according to TechCrunch. This dual move suggests Anthropic is positioning its cybersecurity capabilities as a core differentiator while preparing for public market scrutiny. The company has not disclosed financial terms for Mythos access or how it selects participating organizations.

Anthropic's restraint reflects genuine technical capability rather than marketing posture. According to the company's published System Card, Mythos Preview showed a striking leap in scores on many evaluation benchmarks compared to Claude Opus 4.6, its predecessor. The Cloud Security Alliance reports that Mythos autonomously discovered and wrote working exploits for thousands of zero-day vulnerabilities across every major operating system and web browser. This crossed a qualitative threshold that prior frontier models could not approach, where Claude Opus 4.6 achieved near-zero success rates.

The model's capabilities extend beyond simple discovery. Entro's analysis emphasizes that Mythos can chain exploits to transform what appears to be just a bug into fully working exploits faster than all but the most elite human researchers. Anthropic CEO Dario Amodei has stated there are no plans to release Mythos widely, a position the company has held since April 7, 2026. The Zvi Substack analysis confirms this is not a temporary restriction but a deliberate, indefinite withholding from public access.

The original Project Glasswing cohort included Microsoft, Amazon, Apple, CrowdStrike, and Palo Alto Networks, according to CNBC. CrowdStrike's public statements frame its role as securing AI where it executes, with the company evaluating the security implications of Mythos before joining. The expanded 150-organization group now reaches into critical infrastructure sectors that present attractive targets for sophisticated attackers.

ArmorCode's customer conversations reveal how this limited access model is reshaping enterprise security operations. The company reports that security leaders are recalibrating risk assessments in light of AI-powered vulnerability discovery at this scale. Cycode, another security vendor, notes that public disclosures from Mythos findings are scheduled to begin in July, creating a compressed timeline for organizations to prepare their response capabilities. The operational challenge shifts from finding vulnerabilities to prioritizing, triaging, and remediating them at unprecedented speed.

Mythos did not emerge in a vacuum. Cycode's timeline places OpenAI's Daybreak launch within five weeks of Mythos, followed by Microsoft's MDASH reveal. This clustering suggests major AI labs converged on autonomous vulnerability discovery as a strategic priority simultaneously. The competitive dynamic differs from typical AI product launches, however. Where most frontier models chase consumer or enterprise productivity use cases, these cybersecurity tools operate in a constrained-access environment where capability and restraint must coexist.

Microsoft's dual role is notable. As both a Mythos partner through Project Glasswing and developer of competing MDASH technology, the company secures insight into Anthropic's approach while advancing its own. Amazon's presence in the original cohort similarly reflects cloud providers' stake in securing the infrastructure layers where vulnerabilities propagate. The limited-release model may actually accelerate competitive positioning, as participants gain operational experience with AI-driven vulnerability discovery that others cannot replicate without access.

July's scheduled public disclosures will test whether the restricted-access model can deliver collective security benefits without creating a two-tier system of vulnerability awareness. Organizations without Mythos access will depend on published findings and patch availability, potentially widening the gap between prepared and unprepared defenders. The Cloud Security Alliance's framework of zero-time remediation, responding before exploitation occurs, becomes the operational target.

Anthropic's IPO filing adds financial pressure to demonstrate responsible stewardship of a powerful, voluntarily restricted technology. If Mythos continues to find vulnerabilities at scale, the company faces decisions about whether access expansion remains sustainable or whether commercial incentives will eventually erode the current restrictions. The 150-organization expansion may represent a testing phase for broader, still-limited deployment rather than a permanent equilibrium. Security leaders should prepare for a landscape where AI-discovered vulnerabilities arrive faster than traditional remediation workflows can process, regardless of whether they directly access Mythos.