Anthropic expands Mythos cyber defense access to EU agency ENISA

Project Glasswing is one of the clearest examples of frontier AI being deliberately kept off the public internet and aimed instead at a narrow, high‑stakes domain: securing the world’s software. Bringing ENISA into that circle tightens the feedback loop between a US frontier lab and European cyber‑defense institutions. Strategically, Anthropic is positioning Mythos as critical infrastructure rather than a consumer product, which both justifies its closed deployment and creates deep dependency among regulators, banks and critical‑infrastructure operators that rely on it to find bugs before attackers do.

For the broader race to AGI, these moves normalize a model where the most capable systems are never widely released but are selectively licensed to governments and a few large enterprises under heavily negotiated programs. That may reduce immediate misuse risk, but it also concentrates extraordinary capability and sensitive vulnerability intelligence inside a tiny network of actors. Giving ENISA direct access slightly rebalances power away from US‑only control and toward transatlantic governance, yet it doesn’t change the underlying asymmetry: if Mythos (or its successors) are years ahead of open tools, whoever sits on the access list effectively holds a master key to large parts of the world’s digital infrastructure.