IT Essentials: Mythos or milestone? Trying to see through Project Glasswing

Anthropic’s ‘limited edition’ strategy is neither transparent nor subtle

If Anthropic’s ‘limited edition’ marketing strategy for Claude Mythos Preview isn’t raising concerns about transparency, and the prospect of the unprecedented concentration of power in one company over cybersecurity, it probably should.

Anthropic set hares running in the cybersecurity world last week with the announcement of Project Glasswing. Named after the nearly transparent glasswing butterfly (a metaphor for vulnerabilities hiding in plain sight) the initiative is a tightly controlled deployment of Claude Mythos Preview (CMP).

If Project Glasswing delivers on its promise, continuous, automated vulnerability discovery at scale could be just around the corner. The catch? Those same vulnerabilities can be reverse engineered at scale and with unprecedented speed.

As Benny Lakunishok, Co-founder and CEO of Zero Networks has pointed out, the whole detect and remediate paradigm of cybersecurity only works when attacks move at human speed.

“AI changes that equation. When attacks can be generated and executed autonomously, there is no guarantee of an early signal, no reliable window for investigation, and no reason to believe detection systems trained on past behaviour will recognize something entirely new.”

This dual-use nature of CMP explains why Anthropic has restricted access to a small group of partners, alongside offering $100 million in usage credits and $4 million in donations to open-source security organisations.

Best of both worlds – provided you’re Anthropic

This ‘limited edition’ approach serves a dual purpose for Anthropic. It allows them to quickly sharpen a tool which could consolidate unprecedented levels of power for a tech company whilst at the same time looking like the good guys.

“Sorry we accidentally invented a tool that we could blackmail the world with if we wanted to, but here’s a headstart in the arms race you are now doomed to be stuck in forever.”

If you’re uncomfortable with the idea of one company with god-like control over the cybersecurity on which we all depend, take heart in the memory that the concept of a frontier model that is so powerful that it scares its creators is not new. Sam Altman said how much GPT 5.0 scared him last summer, and we know how that turned out.

CMP may yet prove to be a genuine breakthrough, but many of the boldest claims remain unverified. Unlike its namesake butterfly, there’s little real transparency, and the FOMO-driven messaging is less than subtle.

“We have an amazing new thing. But you can’t have it - yet.”

Claude Mythos Preview could be an inflection point for cybersecurity. More likely is an acceleration of the exploit cycle as developers, criminals and cybersecurity practitioners all finally realise long-promised AI productivity gains