The Project Glasswing partners can now pass vulnerability findings to other security teams, industry bodies, regulators, open-source maintainers and the press, under responsible-disclosure norms. The defender pool just got wider.
Anthropic said on Monday that it is revising its earlier disclosure policy on Mythos, the unreleased cybersecurity-focused AI model deployed under its Project Glasswing controlled-access programme.
The revision will let partners using Mythos share information about cyber threats with other parties potentially exposed to the same vulnerabilities, rather than holding findings within the original partner organisation.
The list of parties partners can now share with is, on the published text, deliberately broad: security teams at other companies, industry bodies, regulators and government agencies, open-source maintainers, the media and the public, all subject to responsible-disclosure norms.
Anthropic’s previous posture had been substantially tighter, with findings held inside the partner programme and surfaced upward to Anthropic itself rather than outward to the wider defender community.
The shift matters because of what Mythos has been finding. On Anthropic’s own disclosures, the model has identified thousands of zero-day vulnerabilities across major operating systems and browsers in internal testing, and has demonstrated the ability to develop working exploits against those flaws on first attempt in more than 83% of cases.
Project Glasswing’s partner roster includes Amazon Web Services, Apple, Google, Microsoft, Nvidia, Cisco and JPMorgan, a group large enough that the findings circulating inside it are themselves a meaningful subset of the modern enterprise attack surface.
The change also lands inside a wider regulatory arc Anthropic has been navigating. The company is preparing to brief the Financial Stability Board on what Mythos has found inside financial-services infrastructure, at Bank of England Governor Andrew Bailey’s request.
ASIC, the Fed, the Bank of England, the European Central Bank, the US Treasury and several Asian regulators are part of the coordinated monitoring cohort.
The disclosure-policy loosening is consistent with what regulators on those tracks have been pressing for in private: that vulnerability findings should not be held tightly inside a partner programme that excludes most of the financial-supervision community.
There is a parallel operational track worth flagging. The Pentagon, according to the Defense Department’s top technology official last week, has been deploying Mythos to find and patch software vulnerabilities across the US government while simultaneously racing to complete a transition away from Anthropic itself, on what has become a complex Trump-administration posture toward the company.
UK banks were given their own Mythos briefing earlier this month; the new partner-sharing rules let those briefings flow downstream in a way that the previous structure prevented.
The technical and policy mechanics of responsible disclosure are the limiting factor. Anthropic’s revised policy does not, on the published wire text, abandon the requirement that downstream sharing be coordinated under standard responsible-disclosure norms, which include reasonable patching windows and constraint on weaponisable detail.
What the change does not resolve is the structural asymmetry critics have been pressing on for two months: that the 40-to-50 organisations inside Project Glasswing get the defender’s view of Mythos before the rest of the global enterprise ecosystem, and that the asymmetry is now expanding through the partner-sharing rules rather than collapsing through wider direct access.
Anthropic’s framing of the controlled-access programme has consistently been that it is calibrated to give defenders a head start on the inevitable adversary use of comparable capabilities.
The loosened sharing rules are the most concrete operational evolution of that framing since Mythos was first announced in April.
