What is Claude Mythos?

Claude Mythos is an unreleased frontier model from Anthropic, described as its most capable to date for coding and agentic tasks. Its defining capability is identifying software and network vulnerabilities at a level Anthropic says exceeds all but the most skilled human researchers. Because that capability is dual-use, Anthropic has not released Mythos publicly. It is instead being distributed through Project Glasswing, a staged program that uses the model defensively to find and fix critical vulnerabilities before a public-release version of the capability becomes widely available.

What is Project Glasswing?

Project Glasswing is Anthropic’s industry initiative to find and fix critical software vulnerabilities using Claude Mythos. It launched on 7 April 2026 with about 50 Wall Street and technology firms and expanded on 2 June 2026 to roughly 150 organisations across more than 15 countries. The initial cohort found more than 10,000 high or critical-severity vulnerabilities. The expanded cohort adds power, water, healthcare, communications and hardware operators, plus vendors whose codebases are relied on by governments and enterprises worldwide.

Which Australian organisations have access to Mythos?

Anthropic has confirmed that Australian organisations are included in the Project Glasswing expansion but has declined to name them. Reporting indicates access has been extended across the Five Eyes alliance, which includes Australia, alongside NATO and the EU cybersecurity agency ENISA. Australian agencies including Treasury, the Reserve Bank of Australia and the stewards of the country’s Systems of National Significance had previously sought briefings about the model, and national security organisations are expected to be near the front of the Australian queue.

How does this relate to Australia’s critical infrastructure rules?

The sectors added to Glasswing, power, water, healthcare and communications, align closely with the asset classes regulated under Australia’s Security of Critical Infrastructure Act 2018. Data centres are covered under the Act’s data storage or processing sector. Operators of the highest-criticality assets, designated Systems of National Significance, carry Enhanced Cyber Security Obligations including incident response planning and cyber exercises. A model that surfaces high-severity vulnerabilities in widely used software speaks directly to the supply-chain risk those operators are obliged to manage.

How does Mythos access fit Anthropic’s other moves in Australia?

It adds a national-security dimension to a relationship that has been infrastructure-focused. Anthropic has signed a National AI Plan MoU, taken its first federal contract with the Fair Work Commission, and begun staffing a Sydney data centre operations team modelled on its US in-house compute function. The company also met NEXTDC, AirTrunk and CDC Data Centres in Canberra about hosting sovereign compute. Mythos access means Anthropic is now supplying a defensive security capability to the operators of Australian critical infrastructure at the same time it negotiates to place compute with them.

Anthropic extends Claude Mythos to Australian critical infrastructure

At a glance

Anthropic has extended access to its Claude Mythos model to Australian organisations for the first time, as part of a Project Glasswing expansion to roughly 150 organisations across more than 15 countries.
Mythos is an unreleased Anthropic model for coding and agentic tasks, unusually effective at finding software vulnerabilities, and the program is staged so flaws are found and patched before the model reaches general release.
The expanded cohort covers power, water, healthcare, communications and hardware operators for the first time, alongside vendors whose codebases are relied on by governments and enterprises worldwide.
The Financial Times reported access has been extended across the Five Eyes alliance, which includes Australia, along with NATO and the European Union cybersecurity agency ENISA. Anthropic confirmed Australian organisations are included but declined to name them.
Separately, Anthropic is running a formal selection process to choose a local Australian data centre provider for 300 to 500MW of compute capacity, per AFR Street Talk, placing its Australian compute ambition in the same tier as OpenAI’s 550MW NEXTDC commitment.
The expansion landed one day after Anthropic’s confidential US$1 trillion-plus IPO filing and alongside a US executive order asking AI developers to submit frontier models for government testing up to 30 days before public release.

Australia joins the second wave of Glasswing access

Anthropic launched Project Glasswing on 7 April 2026, giving around 50 Wall Street and technology firms access to Claude Mythos to find and fix software vulnerabilities ahead of a broader public release. On 2 June the company widened that cohort to about 150 organisations in more than 15 countries, and Australian organisations are in the group for the first time.

The Australian angle is direct. The sectors added in this wave, power, water, healthcare and communications, map almost exactly onto the asset classes Australia regulates under the Security of Critical Infrastructure Act 2018. Data centres themselves sit inside that framework, under the data storage or processing sector. The operators being handed a defensive cyber tool in this expansion are, in the Australian context, the same operators carrying statutory security obligations for the assets the country depends on.

This is the security-side counterpart to Anthropic’s compute-side push into Australia. The company has signed a National AI Plan memorandum of understanding, taken its first federal contract with the Fair Work Commission, and begun staffing a Sydney data centre operations team. Mythos access adds a national-security dimension to a relationship that has so far been framed around investment and compute.

What Claude Mythos is, and why access is staged

Claude Mythos is an unreleased frontier model that Anthropic describes as its most capable to date for coding and agentic work. Its defining capability is finding software and network flaws at a level that, in Anthropic’s framing, exceeds all but the most skilled human researchers. That capability cuts both ways: the same model that helps defenders patch vulnerabilities would, in the wrong hands, accelerate attacks against the systems those defenders run.

The staged release is the response to that dual-use problem. Anthropic is putting Mythos to work on defence before the model is generally available, on the logic that critical software should be hardened before a public-release version of the capability circulates. The early results give the program its scale. On 22 May 2026 Anthropic said the initial Glasswing cohort had found more than 10,000 high or critical-severity vulnerabilities across systemically important software.

A separate scan put a second number on the capability. Across more than 1,000 open-source projects, Mythos flagged 23,019 potential vulnerabilities. Of those, 6,202 were rated high or critical. More than 90 per cent of the high or critical findings that were independently reviewed were confirmed valid.

Anthropic’s reasoning for the new cohort is the concentration of risk in shared code. Many of the new partners are vendors and non-profits that maintain codebases relied on by other organisations worldwide, including governments. For most of those partners, Anthropic estimates a major attack could affect more than 100 million people.

“What each partner has in common is that a successful attack on their codebase could be catastrophic.”

Anthropic, Project Glasswing expansion statement, 2 June 2026

Why Australian critical infrastructure is in the first cohort

Australia’s inclusion follows the Five Eyes line. The Financial Times reported that Glasswing access extends across the intelligence-sharing alliance, which pairs Australia with the United States, United Kingdom, Canada and New Zealand, alongside NATO and ENISA. For a defensive tool aimed at national-scale software risk, allied intelligence partners are the logical first recipients.

The groundwork was already laid locally. According to the Australian Financial Review, Australian agencies including Treasury, the Reserve Bank of Australia and the stewards of the country’s Systems of National Significance had sought briefings from Anthropic about Mythos during the restricted phase, before wider access opened. National security organisations are likely near the front of the Australian queue.

Systems of National Significance is the highest-criticality designation under the SOCI Act, reserved for assets whose disruption would carry serious consequences for national stability, defence or security. Operators of those assets carry Enhanced Cyber Security Obligations, including incident response planning and regular cyber exercises. A model that surfaces high-severity vulnerabilities in the software those operators depend on speaks directly to that obligation set.

Project Glasswing phase	Date	Cohort	Scope
Launch	7 April 2026	~50 Wall Street and technology firms	Finance and technology codebases
First results disclosed	22 May 2026	Initial cohort	10,000-plus high or critical vulnerabilities found
Expanded access	2 June 2026 (3 June AEST)	~150 organisations across 15-plus countries, including Australia	Power, water, healthcare, communications, hardware and shared-vendor codebases

Source: Certified Strategic Editorial, Anthropic disclosures and Financial Times reporting, June 2026.

The security track and the compute track now run in parallel

Anthropic’s Australian engagement has been building on the infrastructure side for months. The company met NEXTDC, AirTrunk and CDC Data Centres during its Canberra visit to sign the National AI Plan MoU, and has since posted a full Sydney Compute roster covering sourcing, capacity delivery and live facility operations, the same in-house model it runs in the United States against Fluidstack-built capacity. CDC holds Strategic-tier Hosting Certification Framework accreditation, the tier that matters for Commonwealth and regulated workloads.

The AFR Street Talk column reported in late May 2026 that Anthropic is running a formal selection process to choose a local Australian data centre provider for 300 to 500MW of compute capacity. The band sits in the same tier as OpenAI’s 550MW Eastern Creek commitment with NEXTDC and CDC’s 555MW contract with an unnamed US customer, and it would be the largest single direct-facility commitment Anthropic has secured outside its Fluidstack-built US programme. The Sydney Transaction Principal, the role that leads RFP processes and lease execution for Australian capacity deals, is the function running that selection. The three Australian operators with the campus footprint and grid position to bid credibly at that scale, NEXTDC, AirTrunk and CDC, are the same three Anthropic met in Canberra.

The procurement now has a power counterpart. On 2 June 2026 Anthropic posted a Data Center Energy Lead, Australia in Sydney. The role is briefed to secure multi-hundred megawatt power capacity across the National Electricity Market (NEM), Wholesale Electricity Market (WEM) and Northern Territory Electricity Market (NTEM), and to build connection relationships with AEMO, the transmission and distribution network operators and the Australian Energy Regulator.

Mythos access connects those two tracks. An AI lab negotiating to place sovereign compute in Australian data centres is now also supplying a defensive security capability to the operators of Australian critical infrastructure, a category that includes data centre operators. For providers positioning for sovereign AI tenancy, demonstrable cyber resilience in the software supply chain becomes part of the procurement conversation, not a separate compliance exercise. That sits alongside the certification, power and connectivity factors set out in our neocloud market report and the talent constraints in Australia’s 12-to-18-month window analysis.

The IPO and the executive order framing the timing

The expansion arrived inside a dense week for Anthropic. One day earlier, on 1 June 2026, the company confidentially filed a draft S-1 with the US Securities and Exchange Commission for an IPO that could value it above US$1 trillion, following a US$65 billion Series H that set its private valuation at US$965 billion. A defence-oriented Glasswing expansion, disclosed the day after the filing, presents the model’s most consequential capability in its most responsible posture as Anthropic moves toward public markets.

The policy backdrop sharpened on the same day. US President Donald Trump signed an executive order asking AI developers to voluntarily submit their most powerful models to the government for testing up to 30 days before public release, a window cut from an earlier 90-day draft. The order is voluntary and explicitly stops short of a licensing regime, but it formalises government pre-release access to frontier models. For Australian agencies weighing reliance on US frontier AI for national-security functions, the emerging US testing framework is part of the same picture as Mythos access.

What to watch

The named Australian recipients. Anthropic has confirmed Australian organisations are included but has not identified them. Confirmation that a Systems of National Significance operator, a Commonwealth agency or a major data centre operator holds Mythos access would mark the first concrete Australian deployment.

The interaction with SOCI obligations. Whether the Cyber and Infrastructure Security Centre or designated operators reference Glasswing findings inside Enhanced Cyber Security Obligations reporting would show the tool moving from access to operational use.

The selected Australian provider. AFR Street Talk has the 300 to 500MW process live; a named operator and disclosed capex would be the awaited signal that the compute relationship has moved past the MoU stage. Anthropic named its US$50 billion Fluidstack commitment on day one in the United States.

The public release of Mythos. Anthropic has said it expects to bring Mythos-class models to all its customers within weeks, paired with what it calls robust safeguards. General availability changes the calculus for every Australian operator that does not hold restricted Glasswing access today.