Anthropic Drops Project Glasswing NDAs After Congressional Pressure, Letting JPMorgan Share Mythos Vulnerability Findings

This article is a follow-up to NCT’s prior coverage of Project Glasswing’s launch. The new development: Anthropic has lifted the NDAs restricting partner disclosure.

Anthropic has dropped the nondisclosure agreements that prevented Project Glasswing partners from sharing vulnerability findings discovered by the Claude Mythos model, according to Reuters and American Banker. The change lets JPMorgan, Mozilla, Palo Alto Networks, and more than 40 other organizations share Mythos-surfaced vulnerabilities with regulators, industry peers, open-source maintainers, and the public.

The NDA carve-out came the same day Rep. Josh Gottheimer (D-NJ), co-chair of the House Democratic Commission on AI and the Innovation Economy, released a letter to Anthropic CEO Dario Amodei pressing for exactly that step. Anthropic had notified partners of the change in the days prior.

“No entity should be contractually restricted from warning others, coordinating mitigations, or informing relevant and trusted stakeholders about urgent cyber risks,” Gottheimer wrote, per American Banker.

Why the NDA Mattered

Project Glasswing launched on April 7 with strict nondisclosure agreements governing all findings. That meant JPMorgan, the only bank among Glasswing’s named launch partners, could not formally share Mythos-discovered vulnerabilities with community and regional banks that depend on the same software systems but lack access to the program.

With the carve-out, that intelligence can now flow downstream. For smaller financial institutions running shared software stacks, this is the difference between learning about a critical vulnerability from a partner and discovering it after exploitation.

Scale of Mythos Findings

The volume of vulnerabilities Mythos has surfaced provides context for why the NDA issue escalated to Congress. According to Anthropic’s red-team testing, Mythos has identified thousands of previously unknown zero-days across major operating systems and browsers, producing working exploits on the first attempt in more than 83% of cases, per American Banker.

Mozilla disclosed that Mythos surfaced 271 Firefox vulnerabilities, all patched in Firefox 150 (released April 21). Palo Alto Networks disclosed 26 vulnerabilities covering 75 individual software defects in a single May 13 advisory, far above its typical monthly volume of fewer than five. None had been exploited in the wild at time of disclosure.

UK Regulators Add Pressure

Three days before Anthropic’s NDA change, the Bank of England, the Financial Conduct Authority, and HM Treasury issued a joint statement warning U.K. financial firms that “the cyber capabilities of current frontier AI models are already exceeding what a skilled practitioner could achieve, and at a significantly higher speed, greater scale and lower cost.”

The statement directed firms to take “active steps” across five domains: governance and strategy, vulnerability identification, third-party risk, protection, and response and recovery. No U.S. financial regulator has issued comparable guidance, per American Banker.

Gottheimer Also Called Out OpenAI

In his letter, Gottheimer urged OpenAI to make the same disclosure change to its Trusted Access for Cyber (TAC) program, an invite-only initiative giving vetted researchers expanded access to OpenAI’s most cyber-capable models for defensive work. OpenAI has not publicly responded.

Anthropic’s Glasswing launch page committed to publishing a public report on program findings within 90 days. That report is due by July 6.