Project Glasswing partners can now share Mythos findings beyond the programme

The Project Glasswing partners can now pass vulnerability findings to other security teams, industry bodies, regulators, open-source maintainers and the press, under responsible-disclosure norms. The defender pool just got wider.

Anthropic said on Monday that it is revising its earlier disclosure policy on Mythos, the unreleased cybersecurity-focused AI model deployed under its Project Glasswing controlled-access programme.

The revision will let partners using Mythos share information about cyber threats with other parties potentially exposed to the same vulnerabilities, rather than holding findings within the original partner organisation.

The list of parties partners can now share with is, on the published text, deliberately broad: security teams at other companies, industry bodies, regulators and government agencies, open-source maintainers, the media and the public, all subject to responsible-disclosure norms.

Anthropic’s previous posture had been substantially tighter, with findings held inside the partner programme and surfaced upward to Anthropic itself rather than outward to the wider defender community.

Project Glasswing partners can now share Mythos findings beyond the programme

Other newsrooms on this story

Related reading

Anthropic to let partners share Mythos cybersecurity findings with others - The…

Anthropic unveils powerful Mythos AI model, working with Apple in cybersecurity…

Anthropic limits Mythos AI rollout over fears hackers could use model for…

Mythos and Cybersecurity - Schneier on Security

Project Glasswing: what Mythos showed us

Anthropic’s Project Glasswing—restricting Claude Mythos to security…