Anthropic has expanded Project Glasswing, the program that puts Claude to work finding vulnerabilities in critical software, from roughly 50 partners to about 150 organisations across more than 15 countries. Claude is the engine doing the scanning: partners run Claude Mythos Preview against their own codebases, and Anthropic reports the first cohort surfaced more than 10,000 high or critical severity flaws. For Australian software teams, the real story is less about who got access and more about what the program signals. AI-assisted vulnerability discovery has moved from research demo to standing practice, and the teams that treat it as a baseline will set the bar for everyone in their supply chain.
What Anthropic actually changed
The first Glasswing cohort was a closed group of around 50 partners. The expansion roughly triples that, bringing the program to about 150 organisations spanning power, water, healthcare, communications, and hardware. Many of the new partners are vendors whose code other organisations depend on, so a single undiscovered flaw in their product can cascade to hundreds of downstream users. Anthropic frames the stakes plainly: it estimates a major attack on a typical partner could affect more than 100 million people.
The new partners are based in more than 15 countries, and each must meet Anthropic's security requirements before gaining access.
Partners run Claude Mythos Preview directly against their own source, rather than handing code to a third party.
The initial group surfaced more than 10,000 high or critical severity security flaws.
The recurring argument from Anthropic is that cheap, fast models with strong cyber capability are close, and the same capability that helps defenders will also help attackers. Glasswing is meant to push institutions toward operating norms that assume this is already the reality, not a problem for some later year. The expansion is also a quiet statement about scale: finding 10,000 serious flaws across a few dozen partners suggests the number hiding in the broader software supply chain is far larger than most security teams would care to estimate.
Why this matters for Australian software teams
Most Australian engineering teams are not part of a program like this, and most never will be. The direction of travel still applies. When AI code review becomes a defensive baseline for critical infrastructure vendors, it becomes a procurement expectation for the suppliers underneath them. If your business sells software into financial services, healthcare, or government, your buyers will start asking how you test for vulnerabilities, and 'manual review on a good week' is a weak answer.
Treat AI-assisted code review as a defensive baseline, not a novelty bolt-on.
Map which of your dependencies are single points of failure for your product.
Decide who owns triage when a model surfaces dozens of real flaws at once.
The economics are not subtle. A single critical breach at an Australian mid-market firm can run well past $500,000 once remediation, downtime, and the notification obligations of the Notifiable Data Breaches scheme under the Privacy Act are counted, and that figure climbs fast when customer data is exposed. Spending a fraction of that on AI-assisted code security ahead of an incident is the cheaper side of the trade. The Privacy Act reforms have raised the cost of getting this wrong, and the Office of the Australian Information Commissioner has shown it will act on notifiable breaches.
How to start without joining a program
You do not need a Glasswing invitation to get most of the value. Claude can review a codebase the way a careful senior engineer would: reading files, following references, and flagging the patterns that lead to real vulnerabilities. The work that matters is wiring that review into the pipeline you already run and building a human process around the output.
Point Claude at a high-risk service first, such as anything handling authentication, payments, or personal data.
Run review on pull requests so findings arrive while the context is fresh, not in a quarterly audit.
Capture every confirmed flaw as a tracked issue, so the model's output becomes an audit trail rather than a one-off scan.
The goal is not to replace your security team. It is to give them a faster first pass, so their attention goes to the judgment calls instead of line-by-line reading. Most teams find the hard part is not the scanning but the discipline around it: agreeing on severity, closing the loop on every finding, and resisting the urge to wave through a flaw because the sprint is already full. Build that habit on a small service and it becomes the default everywhere else.
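The three steps above, and the triage discipline this paragraph describes, are easiest to see as a pipeline stage. The following is an added example written for this page, not code from Anthropic, Automata AI, or any Glasswing partner. It assumes a fixed severity scale the team has agreed on, a JSON schema the model is asked to reply in, and an in-memory dictionary standing in for the issue tracker; the model call itself is replaced by a constructed stub so the script runs offline, with the shape of the real Anthropic SDK call noted in a comment.

```python
"""PR-stage security review: build the prompt from a diff, validate the model's findings
against a fixed severity scale, and record every finding in a tracker so nothing is lost.

Added example; not code from Anthropic or Automata AI. The model call is stubbed so the
script runs offline; the schema, prompt text and tracker shape are this example's own choices.
"""
import hashlib
import json
import re
from dataclasses import asdict, dataclass
from typing import Callable, Dict, List

# The severity scale is fixed here, not negotiated per finding: the team agrees on it once.
SEVERITIES = ("critical", "high", "medium", "low")

REVIEW_INSTRUCTIONS = (
    "Review the following pull request diff for security defects. Reply with ONLY a JSON "
    "array. Each element has keys: file, line, severity (one of critical|high|medium|low), "
    "cwe, title, evidence (the offending line, verbatim). Reply with [] if nothing is found.\n\n"
)


def build_review_prompt(diff: str) -> str:
    """Wrap the PR diff in the review instructions (prompt wording is this example's own)."""
    return REVIEW_INSTRUCTIONS + "```diff\n" + diff + "\n```"


@dataclass(frozen=True)
class Finding:
    file: str
    line: int
    severity: str
    cwe: str
    title: str
    evidence: str

    @property
    def key(self) -> str:
        # Stable identity across re-runs: same file, weakness class and offending line.
        # Line numbers are excluded on purpose; they shift with every unrelated edit.
        digest = hashlib.sha256(f"{self.file}|{self.cwe}|{self.evidence}".encode()).hexdigest()
        return digest[:12]


def parse_findings(raw: str) -> List[Finding]:
    """Parse the model reply. Tolerates a markdown fence; rejects anything off-schema."""
    match = re.search(r"\[.*\]", raw, re.S)
    if not match:
        raise ValueError("model reply contains no JSON array")
    findings = []
    for item in json.loads(match.group(0)):
        severity = str(item.get("severity", "")).lower()
        if severity not in SEVERITIES:
            # The model is not allowed to invent its own severity scale; fail loudly.
            raise ValueError(f"unknown severity {severity!r} in model reply")
        findings.append(Finding(
            file=str(item["file"]), line=int(item["line"]), severity=severity,
            cwe=str(item.get("cwe", "")), title=str(item["title"]),
            evidence=str(item.get("evidence", "")),
        ))
    return findings


def triage(findings: List[Finding], tracker: Dict[str, dict], pr: str,
           block_at: str = "high") -> dict:
    """Record each finding as a tracked issue (the audit trail) and decide the PR gate.

    `tracker` stands in for the issue tracker; a real pipeline would open tickets instead.
    """
    threshold = SEVERITIES.index(block_at)
    new_ids = []
    for f in findings:
        if f.key not in tracker:  # re-running on the same code must not duplicate issues
            tracker[f.key] = {"pr": pr, "status": "open", **asdict(f)}
            new_ids.append(f.key)
    blocking = any(SEVERITIES.index(f.severity) <= threshold for f in findings)
    return {"new": new_ids, "blocking": blocking, "total": len(findings)}


def review_pull_request(diff: str, pr: str, model: Callable[[str], str],
                        tracker: Dict[str, dict]) -> dict:
    """One pipeline run: prompt -> model -> validated findings -> tracked issues -> gate."""
    return triage(parse_findings(model(build_review_prompt(diff))), tracker, pr)


# --- Constructed sample input and a stand-in for the model call (offline) ----------------
SAMPLE_DIFF = """diff --git a/app/users.py b/app/users.py
+    cur.execute("SELECT * FROM users WHERE email = '" + email + "'")
"""


def stub_model(prompt: str) -> str:
    """Replaces the API call so the example runs offline; the reply is constructed, not real.
    With the anthropic SDK the real call is client.messages.create(model=..., max_tokens=...,
    messages=[{"role": "user", "content": prompt}]) and the text is in reply.content[0].text.
    """
    assert "```diff" in prompt
    reply = [{"file": "app/users.py", "line": 42, "severity": "High", "cwe": "CWE-89",
              "title": "SQL query built by string concatenation",
              "evidence": "cur.execute(\"SELECT * FROM users WHERE email = '\" + email + \"'\")"}]
    return "```json\n" + json.dumps(reply) + "\n```"


if __name__ == "__main__":
    issues: Dict[str, dict] = {}
    print(review_pull_request(SAMPLE_DIFF, "PR-17", stub_model, issues))  # one new issue, blocking
    print(review_pull_request(SAMPLE_DIFF, "PR-18", stub_model, issues))  # no new issue, still blocking
```

Two design points carry the discipline the paragraph asks for. The finding key deliberately ignores line numbers, so a flaw that is left unfixed and reappears in the next PR maps to the same open issue instead of a fresh one; and an unknown severity string is an error rather than a guess, so the gate decision always rests on the scale the team agreed to, not on whatever wording the model produced that day.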
Where Automata AI fits
We help Australian teams put Claude to work on exactly this kind of problem: standing up Claude-based code review, wiring it into existing pipelines, and building the human triage process around it. If your team wants to see what AI-assisted security review looks like on your own codebase, book a conversation with us and we will map a starting point that fits how you already ship.