Anthropic Brings Claude Mythos to Critical Infrastructure in 15 Countries
Anthropic is deploying Claude Mythos to 150 organizations across 15 countries under Project Glasswing, targeting power grids, water systems, and healthcare infrastructure with both AI capabilities and security vulnerability assessment.
Original sourceAnthropic announced today that it is expanding Project Glasswing — its security-focused vulnerability assessment program — alongside access to Claude Mythos, to 150 organizations across 15 countries. The deployment specifically targets operators of critical infrastructure: power generation and distribution, water treatment and supply systems, and large healthcare networks. This marks one of the most significant government- and infrastructure-adjacent rollouts of a frontier AI model to date.
Project Glasswing was originally introduced as a narrowly scoped program to help critical infrastructure operators identify and patch AI-relevant security vulnerabilities before adversaries could exploit them. The expansion signals that Anthropic views Mythos — its most capable and security-hardened model variant — as production-ready for environments where failure has physical-world consequences. The pairing of vulnerability scanning with model deployment suggests Anthropic is positioning the two as a bundle: you get Mythos access, you also get the security review layer.
The 15-country footprint spans both NATO-aligned and non-aligned nations, though Anthropic has not published the full list of participating countries or organizations. The company says participation requires passing a vetting process and agreeing to operational constraints not applied to standard enterprise customers. Access is not open; organizations apply and are screened, a structure that mirrors how the U.S. government has historically managed sensitive contractor relationships.
The move positions Anthropic directly against both government AI incumbents like Palantir and emerging infrastructure-AI players. It also raises immediate questions about liability, auditability, and what happens when a model recommendation influences a decision in a power grid or water treatment facility. Anthropic has not publicly addressed those questions in detail, which will matter more than the deployment numbers as this program scales.
Panel Takes
The Skeptic
Reality Check
“The gap between '150 organizations' and 'critical infrastructure deployment' is enormous, and Anthropic isn't filling it. What percentage of these orgs are actually running Mythos in operational contexts versus using it for analysis and reporting? Until there's a public accounting of what 'access' means in practice — read-only advisory, write-path integration, or actual control-loop involvement — this is a press release with infrastructure branding. The thing that kills this program in 18 months isn't a competitor; it's the first incident where a Mythos recommendation contributed to an outage and the liability question becomes un-ignorable.”
The Futurist
Big Picture
“The real thesis here isn't 'AI helps infrastructure operators' — it's that the entity which audits vulnerabilities in critical systems gains structural leverage over those systems, and Anthropic is betting that bundling Glasswing with Mythos access is how you become load-bearing in national infrastructure before regulators figure out what rules to write. The second-order effect nobody is talking about: if this works, the vulnerability assessment data Anthropic accumulates across 150 orgs in 15 countries becomes a geopolitical asset, not just a product feature. That's a dependency that governments will eventually want to own or regulate, and Anthropic's window to set the terms is right now.”
The Founder
Business & Market
“The buyer here is procurement officers at state-owned utilities and hospital networks, which means 18-month sales cycles, compliance requirements Anthropic almost certainly isn't staffed to handle at scale, and contracts that will get reviewed by people who have never shipped software. The moat is real if they execute — once your vulnerability assessment tooling is embedded in a power utility's security ops workflow, you are not getting ripped out — but the go-to-market cost to close 150 orgs across 15 countries is a number Anthropic should publish, because it's either impressive or the program is smaller than it sounds. Palantir built a decade of government relationships to do this; Anthropic is betting it can compress that with a better model.”
The PM
Product Strategy
“Bundling the vulnerability program with model access is the only coherent product decision in this announcement — it gives infrastructure operators a concrete first job-to-be-done (find our AI-exploitable weaknesses) before asking them to trust the model in operational contexts. The problem is that 'critical infrastructure AI' is not one job; a water treatment plant operator and a hospital network CISO have almost nothing in common in terms of workflow, failure modes, or what 'value in the first two minutes' even means. If Anthropic is shipping a single product to both, they either have a very thin abstraction layer or they're calling two different things by the same name, and the lack of published use cases makes it impossible to tell which.”