Anthropic has expanded Project Glasswing, its AI-powered cybersecurity vulnerability program, to approximately 150 new organisations across more than 15 countries - with Australia and New Zealand among the nations included in the second cohort, according to reporting by the Financial Times. Anthropic has not publicly confirmed the country list.

The Financial Times reported that the expansion includes organisations from Australia, New Zealand, Canada, France, Germany, Italy, Japan, South Korea, the Netherlands, Spain, Belgium, Sweden, and Switzerland, along with India. Anthropic declined to confirm the countries involved, stating: "We're not disclosing the specific organizations or the list of countries publicly."

Project Glasswing gives participating organisations access to Claude Mythos Preview - Anthropic's most advanced AI model, which is not available to the general public - for the purpose of scanning their codebases for software vulnerabilities before they can be exploited.

The program was launched in early April with around 50 initial partners, including Apple, Microsoft, Nvidia, CrowdStrike, Palo Alto Networks, and the US government. Those early participants identified more than 10,000 high- or critical-severity security vulnerabilities within the first weeks of using the model.

The expanded second cohort broadens the program into sectors not well represented in the initial group, including power, water, healthcare, communications, and hardware. Anthropic said the new partners are predominantly vendors whose codebases underpin systems used by many organisations worldwide, including governments.

"What each partner has in common is that a successful attack on their codebase could be catastrophic," Anthropic said. The company estimates that a major attack on any one of its Glasswing partners could affect more than 100 million people.

Cloud data management company Rubrik confirmed it is among the new batch of organisations, stating it will use Mythos Preview to identify and patch potential software vulnerabilities across its enterprise platform.

"By putting Anthropic's model to work directly on our code, we are proactively purging potential vulnerabilities before they can ever be leveraged against us," said Bipul Sinha, CEO and co-founder of Rubrik.

The Glasswing announcement coincided with US President Donald Trump signing an executive order titled "Promoting Advanced Artificial Intelligence Innovation and Security" on June 2. The order establishes a voluntary framework under which AI developers are asked to provide the US government with early access to frontier models for up to 30 days prior to broader release, to allow security review.

The order explicitly states it does not create a mandatory licensing, permitting, or approval process for AI models - a position that represents a retreat from an earlier proposal that drew significant industry opposition.

Anthropic framed the Glasswing expansion as an urgent response to the broader trajectory of AI development. The company warned that within six to 12 months, other AI developers are likely to release models with comparable cyber capabilities, potentially without adequate safeguards.

"Cheap, fast AI models with powerful cyber capabilities are around the corner," Anthropic said. "We want Project Glasswing to spur institutions toward operating norms that reflect this reality."

Anthropic also released Claude Security, a product using its public frontier models including Claude Opus 4.8, to enable broader codebase scanning outside the restricted Glasswing program. Each new Glasswing partner must meet Anthropic's security requirements before gaining access to Mythos Preview.

Anthropic said it intends to continue expanding the program - prioritising critical infrastructure providers, open-source software maintainers, and safety testers - and plans to scale up a Cyber Verification Program that would extend Mythos-class capabilities to a broader range of organisations for specific defensive tasks.