Anthropic announced on Tuesday it was expanding Project Glasswing - its restricted partnership built around Claude Mythos Preview, the model developed specifically for identifying software vulnerabilities - from roughly 50 organisations to approximately 200, with each new partner required to meet security clearance requirements before gaining access.
The expanded group brings stronger representation from industries including power, water, healthcare, communications, and hardware - sectors considered critical infrastructure that were not well-represented in the initial April cohort.
Partners already inside the program have surfaced more than 10,000 vulnerabilities rated high or critical in severity since April, with Anthropic estimating a coordinated attack on member organisations could affect more than 100 million people.
The Glasswing announcement landed on the same day the White House confirmed it had quietly signed an executive order seeking to formalise exactly this kind of arrangement at a federal level.
The executive order, taken at face value, endorses exactly the framework Glasswing represents - government access to frontier models, pre-release, within a structured security arrangement - which sits in some tension with the Department of War's position that Anthropic's own technology cannot be trusted.
Separately, Anthropic has warned that within six to 12 months, many other AI companies will have models with capabilities comparable to Mythos Preview, and that those models could be released without the safeguards Project Glasswing is designed to normalise across the industry.
White House order
The order asks companies, on a voluntary basis, to participate in a classified benchmarking process to determine whether a model meets the threshold of a "covered frontier model", then provide the government with access up to 30 days before broader release to trusted partners.
Trump signed the order privately, just weeks after postponing a signing ceremony with prominent tech executives because he said he “didn't like certain aspects of it”.
An earlier version had given the government up to 90 days to review frontier models - that window was cut to 30 days after Trump expressed concern the original timeline could interfere with American companies' lead over China.
It also directs the Treasury Department to form an AI cybersecurity clearing house within 30 days, designed to co-ordinate vulnerability scanning, validate findings, and prioritise the distribution of patches across critical infrastructure.
The "voluntary" qualifier runs throughout the document, with the order explicitly stating it cannot be read to create a mandatory licensing or preclearance requirement for any AI model release - a carve-out that reflects the administration's position that oversight and open development are not in conflict.
Department of War complication
Through letters dated 3 March 2026, the Department of War formally designated Anthropic a supply chain risk - the first such designation ever applied to an American company - after failed contract renegotiations in which the Pentagon sought to remove Anthropic's restrictions on mass domestic surveillance and fully autonomous weapons systems.
Anthropic filed two federal lawsuits challenging the designation on 9 March, arguing the action was unlawful and violated its free speech and due process rights, with the company estimating the designation could reduce its 2026 revenue by multiple billions of dollars.
