NATO and 150 Global Partners Deploy Claude Mythos Preview

Anthropic is extending its primary cybersecurity initiative to a new tier of global entities. On June 2, 2026, the company announced the expansion of Project Glasswing, granting 150 additional critical infrastructure organizations access to its restricted Claude Mythos Preview model. This phase shifts the program’s focus from its initial cohort of US-based technology and finance giants to global providers in the power, water, healthcare, communications, and hardware sectors.

Anthropic estimates that a successful cyberattack on the codebases maintained by these new partners could affect more than 100 million people. To accelerate defensive adoption, the company has committed $100 million in usage credits for Mythos Preview and $4 million in donations to open-source security organizations.

Autonomous Vulnerability Discovery

Claude Mythos Preview remains a restricted-access frontier model, withheld from public release due to its advanced autonomous cybersecurity capabilities. The model specializes in exploit chain construction, possessing the ability to autonomously link minor, low-severity bugs into full system takeovers.

During the initial phase of Project Glasswing launched in April 2026, the first 50 partners utilized the model to identify more than 10,000 high- or critical-severity software vulnerabilities. Testing revealed structural flaws that had evaded both human auditing and traditional automated tooling for decades. Notable discoveries include a 27-year-old remote-crash bug in OpenBSD and a 16-year-old flaw in FFmpeg that had reportedly survived 5 million automated fuzzing attempts.

These results demonstrate a shift in how infrastructure software is audited. Instead of relying purely on static analysis or isolated fuzzing, organizations are utilizing models capable of executing multi-step reasoning to map complex attack surfaces.

Global Scope and Market Positioning

The expanded participant list reflects a strategic effort to establish “infrastructure-grade AI” as a standard for national security and global financial systems. Access now spans over 15 countries, including members of the Five Eyes alliance, major European nations, and Asian technology leaders.

Newly onboarded partners include defense entities like NATO and the EU’s cybersecurity agency, ENISA. The cohort also brings in major hardware manufacturers Samsung Electronics and SK Hynix, alongside telecommunications provider SK Telecom. In the financial sector, infrastructure operators Euroclear, Swift, and the Intercontinental Exchange have joined the initiative.

This deployment places Anthropic in direct competition with OpenAI, which has pursued similar defensive integration with trusted defense partners using its specialized GPT-5.5-Cyber model. The Project Glasswing expansion also aligns with major corporate milestones for Anthropic. The company reportedly filed confidential draft paperwork for an Initial Public Offering on June 1, 2026, citing a revenue run rate exceeding $47 billion and a potential valuation of up to $965 billion.

Preparing for Accelerated Patch Cycles

If you maintain open-source packages or enterprise software dependencies, this initiative will likely trigger a massive influx of vulnerability disclosures and patch requests over the next six months. As these 150 organizations point specialized AI agents at decades of legacy code, the discovery rate for zero-day vulnerabilities will compress exponentially. Engineering teams should prepare their CI/CD pipelines to handle an accelerated rhythm of security updates and automated pull requests generated by defensive AI systems.