Anthropic has launched Project Glasswing, a new initiative targeting global cybersecurity threats with advanced AI—but the company is keeping its most powerful cyber model, Claude Mythos Preview, under wraps, citing fears it could be weaponized.

This move puts Anthropic at the center of a growing debate: how to harness AI’s power for defense without unleashing tools that could just as easily be used for attack. The company’s decision to withhold Claude Mythos Preview, described as its most capable AI cyber model to date, signals a shift toward greater caution in the release of frontier AI models.

Project Glasswing: AI for Proactive Cyber Defense

Announced in June 2024, Project Glasswing aims to identify and patch software vulnerabilities before they can be exploited. The project is built on the Claude Mythos Preview model, which Anthropic says surpasses all previous releases in cyber capabilities. According to VentureBeat, Glasswing brings together major technology and finance sector partners, though Anthropic has not disclosed specific names.

The initiative reflects a new phase in AI-driven cybersecurity, where models are not just reactive but actively hunt for flaws across digital infrastructure. The stakes are high: as AI gets better at finding vulnerabilities, it also becomes a potent tool for those seeking to exploit them.

Claude Mythos Preview: Too Powerful for Public Release?

Anthropic’s Claude Mythos Preview isn’t just another large language model. Internally, it’s been described as a leap forward in automated vulnerability discovery and exploitation simulation. The company’s leadership has opted against a public release, citing the “dual-use” risk—meaning the same tool that can patch holes could also be used to tear systems wide open if it fell into the wrong hands.

This is not just theoretical. Recent years have seen a surge in AI-assisted cyberattacks, with models capable of generating sophisticated phishing campaigns and automating penetration testing. Anthropic’s decision echoes moves by other leading AI labs, such as OpenAI’s restrictions on GPT-4’s cybersecurity capabilities, but marks a more explicit acknowledgment of the threat landscape.

Industry Collaboration, But With Guardrails

Project Glasswing isn’t a solo effort. Anthropic is partnering with undisclosed major players in tech and finance, sectors that have the most to lose—and potentially gain—from AI-driven cyber defense. The collaboration points to a new model for AI deployment: limited-access, high-stakes partnerships rather than open-source releases.

For now, the Claude Mythos Preview model will remain behind closed doors, accessible only to vetted partners under strict controls. Anthropic’s approach may set a precedent for how the industry handles the next generation of dual-use AI tools.

What This Means

For founders in AI and cybersecurity, the message is clear: the era of "move fast and break things" is over—at least for the most advanced models. Responsible deployment and access controls are now table stakes, not optional extras. If you’re building in this space, expect to face tough questions about dual-use risks and to implement robust safeguards from day one.

For the industry, Anthropic’s move signals a pivot toward closed, consortium-based approaches for the most sensitive AI capabilities. Open source and public APIs will still have their place, but frontier models—especially those with clear offensive potential—will increasingly be siloed, at least until the industry develops better governance and red-teaming protocols.

The second-order effect? A bifurcation of the AI ecosystem: one track for general-purpose, widely accessible models, and another for high-risk, high-impact tools locked behind institutional gates. This will slow the pace of open innovation in cybersecurity AI, but may also buy time to develop the regulatory and technical guardrails the sector desperately needs. The real risk is that threat actors won’t wait for consensus—they’ll build or steal what they need, raising the stakes for everyone.