Claude Mythos Expands to 150+ Orgs in 15 Countries: Critical Infrastructure Focus

Anthropic Scales Claude Mythos to the World's Most Vulnerable Software

On June 2, 2026, Anthropic announced a major expansion of Project Glasswing, inviting approximately 150 new organizations across more than 15 countries to access Claude Mythos Preview. The move extends the company's controlled cybersecurity deployment from an initial cohort of roughly 50 large technology firms to a much broader group of critical infrastructure operators that had been largely absent from the first wave.

Project Glasswing is Anthropic's structured program for deploying Claude Mythos — the company's most capable model to date — exclusively in defensive cybersecurity contexts before any public launch. The expansion marks the first time utilities, hospitals, and telecom providers have been given direct access to a model Anthropic has described as able to "identify thousands of zero-day vulnerabilities over several weeks."

Feature Overview

Sector-Targeted Access

Unlike the original cohort, which was dominated by enterprise technology companies, the June expansion prioritises sectors running the physical backbone of modern society. Invited organisations now include public utilities in power and water, telecoms operators, healthcare providers, and hardware manufacturers. Countries confirmed to have participants include Australia, Canada, France, Germany, Italy, Switzerland, the Netherlands, Spain, Belgium, Sweden, India, Japan, New Zealand, and South Korea.

Zero-Day Discovery at Scale

Claude Mythos's core cybersecurity differentiator is exploit chain construction — the ability to link multiple individually minor software flaws into a combined attack path that is far more damaging than any single vulnerability. Anthropic first demonstrated this capability when the model autonomously found thousands of zero-day vulnerabilities across critical codebases during the programme's April 2026 launch phase. The June expansion applies the same capability to codebases that underpin physical infrastructure rather than digital services.

Notable Named Partners

The initial cohort included Apple, Amazon, Broadcom, CrowdStrike, Microsoft, and NVIDIA. The June expansion added Okta, Samsung, SK Hynix, SK Telecom, NATO, and ENISA, reflecting a clear geopolitical dimension to the deployment strategy. The inclusion of NATO and the EU's own cybersecurity agency signals that Anthropic has moved from commercial enterprise partnerships into formal government and multilateral institutional relationships.

Security Vetting Requirements

All partner organisations must pass Anthropic's security review before obtaining access. The company has emphasised the stakes involved: it estimates that a successful cyberattack on most Project Glasswing partner systems "could affect more than 100 million people, with important ramifications for both global and national security." This vetting process is part of Anthropic's phased approach to releasing Mythos-level capabilities while minimising misuse risk.

Public Release Still Gated

Anthropuc confirmed that Claude Mythos will not be made widely available until the company implements what it describes as "highly robust safeguards" against offensive use. Given that the model can identify novel exploits in production-grade infrastructure software, Anthropic is treating the deployment process more like a regulated technology rollout than a typical model launch.

Usability Analysis

For critical infrastructure operators, Project Glasswing participation means access to automated vulnerability scanning that previously required large teams of senior security researchers. A water utility or regional power operator that cannot realistically maintain a 20-person red team can now run Claude Mythos against its industrial control system software and receive a prioritised list of exploitable weaknesses before adversaries discover them independently.

The practical workflow for partners involves submitting codebases or network configurations under strict data handling agreements. Claude Mythos then performs autonomous analysis, surfacing findings in structured reports that security teams can triage and remediate. Anthropic provides direct support to partners during the remediation phase, making this more of a managed security service than a raw API deployment.

For enterprise software vendors like Okta and Samsung, the value lies in hardening products that sit inside the perimeter of thousands of downstream organisations. A single fix applied to an identity provider's authentication stack can reduce exposure for every company that relies on it.

Pros and Cons

Advantages:

• Unprecedented scale of autonomous zero-day discovery, covering years of potential researcher work in weeks
• Direct coverage of underserved critical infrastructure sectors that lack mature security research teams
• Geographically diverse partner base reduces concentration risk and builds cross-border incident response relationships
• Structured, vetted access model limits misuse while still delivering measurable security value
• Anthropic's direct involvement in remediation creates accountability beyond simple tool licensing

Limitations:

• Access remains invitation-only with no confirmed timeline for broader availability
• Offensive cybersecurity applications of the same model capabilities remain a credible risk once Mythos is released publicly
• Partner confidentiality requirements make independent validation of security claims difficult
• Remediation timelines vary widely across sectors, meaning discovered vulnerabilities may remain open for months in resource-constrained utilities

Outlook

The June 2026 expansion positions Anthropic as a de facto cybersecurity infrastructure provider in addition to its commercial AI platform role. With OpenAI having released GPT-5.5-Cyber as a competing offering, the race to dominate AI-assisted vulnerability research is now clearly joined.

The inclusion of NATO and ENISA creates a template for how advanced AI models might eventually be integrated into sovereign cybersecurity frameworks. If the Glasswing model proves effective at reducing critical infrastructure exposure, other governments are likely to establish similar structured programmes, potentially with export controls or bilateral agreements governing which models are permitted to scan which countries' infrastructure.

For Anthropic itself, the expansion is strategically significant ahead of its confidential IPO filing. Demonstrating a clear government and critical infrastructure customer base provides a revenue narrative that goes beyond consumer subscriptions and enterprise API contracts.

Conclusion

The June 2, 2026 expansion of Project Glasswing represents a meaningful step in deploying frontier AI capabilities where the security stakes are highest. By bringing Claude Mythos to power grids, hospitals, and telecom operators across 15 countries, Anthropic is testing whether AI-assisted vulnerability research can scale to match the ambition of sophisticated adversaries. The programme is best suited to security leaders at critical infrastructure operators who need to close vulnerability backlogs faster than their current team capacity allows, and to government agencies seeking AI-augmented national cyber resilience.

Editor's Verdict

Claude Mythos Expands to 150+ Orgs in 15 Countries: Critical Infrastructure Focus earns a solid recommendation within the claude space.

The strongest case for paying attention is scales vulnerability discovery to sectors that cannot maintain adequate security research teams in-house, which raises the bar for what readers should now expect from peers in this space. Reinforcing that, geographically diverse partner base across 14 countries builds international cyber resilience capacity adds practical value rather than just headline appeal. The broader signal worth registering is straightforward: anthropic is treating Claude Mythos as a regulated technology, applying controlled rollout practices normally reserved for dual-use physical hardware. On the other side of the ledger, access remains invitation-only with no public availability timeline, limiting reach is a real constraint, not a marketing footnote, and it should factor into any serious decision. Layered on top of that, dual-use risk of the same exploit-chain capabilities being misused remains a fundamental concern narrows the set of teams for whom this is an obvious yes.

For Anthropic and Claude users, alignment-focused teams, and developers already invested in the Claude ecosystem, this is a serious evaluation candidate, not just a curiosity to bookmark. For everyone else, the safer posture is to monitor coverage and revisit once the use cases that matter to your team are demonstrated in the wild.