Anthropic simultaneously launched Project Glasswing, a coalition including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks, and over 40 additional organizations focused on securing critical infrastructure. Anthropic committed $100 million in usage credits and $4 million in open-source security donations to fund defensive patching before adversaries develop comparable tools. The specific vulnerabilities identified and their patch timelines remain undisclosed.
For practitioners, this signals a critical inflection point in AI-driven cybersecurity. AI systems now discover exploitable flaws faster than organizations can patch them—a gap widening as CrowdStrike reports an 89 percent year-over-year increase in AI-driven attacks. General counsel and security teams should expect accelerated vulnerability disclosure timelines and pressure to prioritize patching cycles. The Glasswing coalition's controlled-access model may become the standard for managing dual-use AI capabilities, reshaping how firms negotiate access to security tools and coordinate with vendors on remediation.