Anthropic’s scale and Project Glasswing concerns

Anthropic said on April 7 that its revenue run-rate had passed $30 billion, up from about $9 billion at the end of 2025, and that more than 1,000 business customers now spend over $1 million a year on Claude. It also said that count doubled in less than two months, which is why this story starts with sales and not science. (anthropic.com) That kind of run-rate is not cash in the bank. It is a speedometer, not an odometer: Anthropic is annualizing recent revenue to show how fast enterprise demand is moving right now. (anthropic.com) Anthropic had already told investors on February 12 that its run-rate revenue was $14 billion, that more than 500 customers were spending over $1 million annually, and that eight of the Fortune 10 were Claude customers. In less than eight weeks, those figures jumped again. (anthropic.com) The new twist is that Anthropic paired the revenue update with a security announcement called Project Glasswing on April 7. The company says the project gives selected defenders early access to Claude Mythos Preview, a model it is not releasing broadly because of cyberattack risks. (anthropic.com, cnbc.com) Project Glasswing is not a small pilot with one bank or one cloud provider. Anthropic listed Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks as launch partners, and said more than 40 additional organizations that build or maintain critical software infrastructure also got access. (anthropic.com) Anthropic also put money behind it. The company said it would commit up to $100 million in usage credits and $4 million in donations to open-source security groups, which turns this from a product demo into an attempt to harden shared infrastructure before stronger models spread further. (anthropic.com) The reason Anthropic is doing this now is in its own testing notes. On April 7, its safety team wrote that Claude Mythos Preview could identify and exploit previously unknown software flaws in every major operating system and every major web browser they tested. (red.anthropic.com) A previously unknown software flaw is a bug nobody has patched yet. Anthropic said more than 99% of the vulnerabilities it found were still unpatched when it wrote the report, so it withheld most details and framed the model as something that needed coordinated disclosure, not open release. (red.anthropic.com) The company gave one concrete example with a date attached to it: a now-patched 27-year-old bug in OpenBSD, an operating system with a reputation for security. CyberScoop reported that Anthropic also said the model found a 16-year-old flaw in FFmpeg that automated testing had missed despite hitting the affected line about 5 million times. (red.anthropic.com, cyberscoop.com) That changes the frame for regulated industries like banks, hospitals, utilities, and telecom networks. If the same model that writes code can also find old holes in browsers, operating systems, and open-source plumbing, then buying artificial intelligence stops looking like a normal information technology rollout and starts looking like a resilience problem that involves security teams, software vendors, open-source maintainers, and government agencies at the same time. (anthropic.com, red.anthropic.com) Anthropic’s own language is unusually direct for a product launch. It said “no single organization can do this alone,” and it built the launch around coalition members instead of general availability, which is a sign that the company sees frontier models as infrastructure risk as much as software revenue. (anthropic.com) So the headline is not just that Anthropic got big. It is that one of the fastest-growing artificial intelligence companies is telling customers that its newest model is valuable enough to drive a $30 billion run-rate and dangerous enough to keep behind a defensive cordon. (anthropic.com, anthropic.com, cnbc.com)