Anthropic Opens Project Glasswing to EU, Granting ENISA Access to Zero-Day-Hunting Mythos AI

Throughout May, the situation escalated. European Commission officials traveled to San Francisco to directly request access from Anthropic executives . Spain’s economy minister publicly stated that progress had been "limited," and EU negotiations with Anthropic for financial-institution access were effectively stalled . By late May, news outlets framed the EU’s lack of access as a "technological and institutional gap in cybersecurity capabilities," noting that while the Bank of England, the Federal Reserve, and the U.S. Treasury had all been briefed, no EU institution had operational access . The June 1 decision to include ENISA is a direct resolution of this public pressure campaign.

Mythos' Unprecedented Capabilities

Understanding the significance of this access requires understanding what Mythos can do. The Claude Mythos Preview is not simply a chatbot. It is an AI model that, once given a prompt, can autonomously read source code, form hypotheses, run tests, and write working exploits—all without human intervention . During initial evaluations, it discovered thousands of high-severity zero-day vulnerabilities across every major operating system, including Windows, macOS, Linux, and every major web browser .

Some of the specific findings are staggering. Mythos identified a 27-year-old bug in OpenBSD's TCP SACK implementation, a 16-year-old flaw in FFmpeg, and autonomously chained four vulnerabilities to escape a browser's OS sandbox . It built 181 working shell exploits against Firefox 147, where the previous best model managed only 2 . By May 23, 2026, these efforts had scaled massively: Project Glasswing partners reported finding over 10,000 high- or critical-severity vulnerabilities in systemically important software, with Cloudflare alone finding nearly 2,000 bugs with a false-positive rate lower than human testers .

Project Glasswing's Defensive Framework

Despite the model's offensive power, access is governed by strict terms. All Project Glasswing partners must use Mythos Preview exclusively for defensive security work. This means identifying, patching, and reporting vulnerabilities in critical software . The terms explicitly prohibit offensive cyber operations. Anthropic has committed up to $100 million in usage credits for the initiative and $4 million in direct donations to open-source security organizations .

ENISA's inclusion means the EU can now apply this defensive capability to its own critical infrastructure. European institutions face genuine risks from adversaries who could obtain or replicate similar AI capabilities . The ECB has already warned eurozone banks that AI-driven cyber threats, specifically referencing Mythos-class tools, are a top concern . ENISA's access provides first-hand visibility into the threat landscape and the ability to test European defenses against the most advanced AI vulnerability scanner known to exist.

What the Deal Does Not Do

The agreement is a major step forward for EU cybersecurity sovereignty, but it is limited in scope. While ENISA now has a seat at the table, access for broader European financial institutions and individual member states remains unresolved. As of late May 2026, talks regarding testing arrangements for European banks had stalled . ENISA's membership in Project Glasswing closes a diplomatic gap but does not yet extend the model's defensive umbrella across the entire continent.