Anthropic's most sensitive AI model is becoming a test of who gets protection first when frontier systems can find serious software flaws faster than humans can fix them.
The European Commission is pressing Anthropic for a closer look at Claude Mythos Preview, the unreleased frontier model sitting at the center of Project Glasswing. The immediate issue is cybersecurity access for European banks, critical infrastructure companies and technology providers. The bigger issue is who gets to stand near the front of the line when a private AI lab controls a tool that can expose weaknesses in systems everyone depends on.
According to Bloomberg, Commission officials planned meetings in San Francisco with Anthropic representatives to seek more information about Mythos and ask whether the tool can be made available to the bloc. That is not the same as a confirmed deployment to a European institution. It is still meaningful. Europe is trying to move from observer to participant before the next wave of AI cyber capabilities becomes harder to contain.
Anthropic introduced Project Glasswing in April as a controlled effort to use Mythos Preview for defensive security work. Launch partners included Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks. The company also said more than 40 additional organizations would receive access, with up to $100 million in model usage credits and $4 million in donations to open-source security groups.
That lineup tells you why the EU is pushing. If Mythos can help American banks, software companies and infrastructure providers find serious vulnerabilities early, European institutions will not want to wait for secondhand lessons after patches have already started moving through US-centered networks. Cybersecurity is not a market where delayed access feels neutral. It can become a structural disadvantage.
For years, the hard part of software security was finding the worst bugs before attackers did. Mythos changes the shape of that problem. Anthropic said in a recent Project Glasswing update that the model and roughly 50 partners had found more than 10,000 high- or critical-severity vulnerabilities across systemically important software. The company also said most partners had each found hundreds of serious flaws after one month.
Those numbers should be treated carefully because many details cannot be disclosed while patches are still moving through the system. But even with that caution, the direction is clear. The scarce resource is no longer only discovery. It is verification, disclosure, patch development and deployment. A model that finds vulnerabilities at speed can improve defense, but it can also flood already stretched security teams with more work than they can responsibly process.
That is why controlled access matters. Anthropic has not made Mythos publicly available, and the company has framed the model as powerful enough to require safeguards. In its own materials, Anthropic said Mythos had found thousands of high-severity vulnerabilities, including flaws in major operating systems and web browsers. It also described the model as capable of developing sophisticated exploits, which is exactly why broader release is politically sensitive.
Europe's concern is practical, not abstract. Banks, payment systems, hospitals, energy networks and telecom providers run on deep layers of shared software. If AI tools can discover hidden weaknesses across those layers, regulators need to know whether the defensive side can move quickly enough. The European Central Bank and other financial authorities have already been drawn into the debate because a cyber flaw in one part of the system can spread risk far beyond one company.
Access is becoming leverage
Anthropic is now dealing with a problem every frontier AI company will recognize. The most advanced models are not just products. They are bargaining chips in conversations with governments, strategic customers and security agencies. Who gets access, who waits, and who receives only summaries can shape commercial relationships and regulatory pressure at the same time.
For startups and enterprise buyers, that is the important lesson. Frontier AI access will not always move like normal software procurement. The most capable systems may arrive first through narrow research previews, government-linked programs and trusted partner networks. Companies that assume every powerful model will simply appear in an API at the same time for everyone are likely to misread the market.
The EU also has a regulatory angle. Brussels has spent years trying to set the global tone on digital rules, from privacy to platform governance to AI oversight. Mythos gives that ambition a harder edge. It is one thing to write rules for deployed commercial systems. It is another to negotiate access to an unreleased model whose cybersecurity effects may be felt before ordinary customers ever see it.
Anthropic has reasons to move slowly. If Mythos-class tools become available too broadly before defenses are ready, the same capability that helps a bank find weaknesses could help an attacker find them first. But if access stays too narrow, allies, regulators and major institutions will argue that critical infrastructure is being protected unevenly. Neither path is clean.
The next thing to watch is whether Europe gets a formal role in Project Glasswing, or whether talks remain limited to briefings and information sharing. A real access agreement would signal that frontier model governance is becoming a geopolitical process as much as a commercial rollout. If no agreement comes, European banks and infrastructure operators will keep looking for alternatives, including domestic AI efforts from companies such as Mistral. Either way, Mythos has already shown that the future of AI competition will be measured not only by who builds the smartest model, but by who is trusted to use it first.
Also read: AI borrowing is starting to reshape the global bond market • Bain says AI savings are still missing the profit line • Nvidia's Seoul meetings put Korean AI hardware in the spotlight
