Anthropic just tripled the size of Project Glasswing, its program for securing the world's most important software. The initial cohort of roughly 50 partners has grown by approximately 150 new organizations, spanning more than 15 countries.
The numbers matter. Anthropic estimates that a successful attack on most partners' codebases could affect more than 100 million people. That is not a hypothetical risk framing. It is the selection criterion: if an attack on your code could be catastrophic at national or global scale, you qualify for consideration.
The new cohort fills gaps the first wave left open. Power, water, healthcare, communications, and hardware are all now represented. Many of the additions are vendors, meaning they maintain codebases that downstream organizations, including governments, depend on. A single flaw in a vendor's code can propagate everywhere that vendor's software runs.
Since the April launch, partners have used Claude Mythos Preview to scan their codebases and have found more than 10,000 high- or critical-severity vulnerabilities. That figure is the clearest signal yet that AI-assisted code auditing at scale surfaces real issues, not just noise.
Anthropicis also being explicit about the threat timeline. The company expects many other AI providers to have models in the same capability class as Mythos Preview within 6 to 12 months. Some of those releases may arrive without safeguards against misuse. In that environment, the cost and speed of launching a cyberattack drops significantly, and the attack surface for every organization grows.
The program is Anthropic's attempt to get defenders ahead of that curve before it arrives. The goal, as stated, is twofold: help the software industry adapt now, and push the broader ecosystem toward operating norms that account for cheap, fast, capable AI cyber tools becoming widely available.
Each new partner must meet security requirements before gaining access. The criteria are not public, but the pattern is clear: access follows criticality and accountability, not company size or brand.
What to do with this today: If you build or maintain software that critical infrastructure depends on, find out whether your organization or a vendor you rely on is eligible for Project Glasswing. Even if you are outside the partner program, the more immediate action is to treat AI-assisted vulnerability scanning as a standard step in your release pipeline now, not after an incident. The 10,000-plus flaws already found suggest that codebases considered secure are not holding up under this level of scrutiny.