Anthropic to give EU cyber agency ENISA access to Mythos via Project Glasswing after weeks of Commission talks
On June 1, 2026, Anthropic moved to grant the European Union's cybersecurity agency ENISA access to Claude Mythos, its most advanced (and unreleased) frontier model, through the Project Glasswing testing initiative.
At a glance
- Anthropic moved June 1, 2026 to grant ENISA access to Claude Mythos via Project Glasswing
- European Commission actively sought access citing cybersecurity concerns; the bloc had to seek permission from the US administration before obtaining the model
- Commission confirmed to CNBC 'several productive meetings'; official terms not yet finalized; discussions centered on secure-access arrangements
- Mythos surfaced in April and can uncover thousands of previously unknown software vulnerabilities
- EU previously obtained access to OpenAI's cybersecurity-focused model earlier in 2026
VERDICT — CONFIRMED
On June 1, 2026, Anthropic moved to grant the European Union's cybersecurity agency ENISA access to Claude Mythos, its most advanced (and unreleased) frontier model, through the Project Glasswing testing initiative. The arrangement followed weeks of negotiation: the European Commission actively sought access citing cybersecurity concerns, and the bloc had to seek permission from the US administration before it could obtain the model — a reflection of Washington's caution about sharing frontier capability internationally to preserve technological advantage. The Commission confirmed to CNBC it had held 'several productive meetings' with the company, with discussions now centered on secure-access arrangements; official terms were not yet finalized.
The driver is the same dual-use property that has alarmed governments, banks and tech firms since Mythos surfaced in April: the model can uncover thousands of previously unknown software vulnerabilities and, in the wrong hands, could accelerate cybercrime. Project Glasswing lets vetted organizations test Mythos's capabilities before any wider release. The EU had previously obtained access to OpenAI's cybersecurity-focused model earlier in 2026, so the ENISA deal extends a pattern of EU institutions partnering directly with US frontier labs on defensive cyber tooling.
The episode is a concrete example of frontier-model governance playing out at the state level — export-control-style permission from the US government, bilateral safety conditions, and a national/regional cyber agency as the access point rather than the open market.
Update log · verification desk
Key facts on file
- Anthropic moved June 1, 2026 to grant ENISA access to Claude Mythos via Project Glasswing
- European Commission actively sought access citing cybersecurity concerns; the bloc had to seek permission from the US administration before obtaining the model
- Commission confirmed to CNBC 'several productive meetings'; official terms not yet finalized; discussions centered on secure-access arrangements
- Mythos surfaced in April and can uncover thousands of previously unknown software vulnerabilities
- EU previously obtained access to OpenAI's cybersecurity-focused model earlier in 2026


