April 10, 2026

MCP Weekly: Anthropic Launches Project Glasswing, OpenAI Pushes Enterprise, Microsoft Turns Copilot Into an Agent Platform

Agent infrastructure matures as security, compute, and interfaces converge

The week of April 3 to April 10 saw a landmark defensive security initiative from Anthropic, OpenAI laying out its full enterprise strategy, and Microsoft turning Copilot Chat into a platform where agents render live interfaces directly inside the workspace.

TL;DR

Anthropic launched Project Glasswing, a gated defensive security initiative where Claude Mythos Preview autonomously found decades-old vulnerabilities in OpenBSD and FFmpeg, backed by a $100 million commitment to open-source defenders. Anthropic also secured a multi-gigawatt compute deal with Google and Broadcom for 2027, with revenue now running above $30 billion annually. On the product side, Anthropic shipped Claude Managed Agents, Cowork for Enterprise, the Advisor Strategy, and a Subagents guide for Claude Code, all in the same week.

OpenAI laid out its full enterprise strategy around a unified intelligence layer, with Codex at 3 million weekly active users and enterprise revenue now above 40 percent of total income. OpenAI also launched the Safety Fellowship, an independent research program focused on agentic oversight running from September 2026. Microsoft made MCP Apps generally available in Copilot Chat, letting agents render live dashboards and forms directly inside the chat window. AWS updated AgentCore Gateway with OAuth 2.0 support for secure MCP server connections. Atlassian extended its Rovo MCP Server to Bitbucket Cloud, and DBmaestro launched the first MCP server built specifically for database DevOps.

Major Updates of the Week

Anthropic Project Glasswing

Project Glasswing is Anthropic's defensive cybersecurity initiative built around Claude Mythos Preview, a new frontier model not made publicly available due to its offensive risk. The model autonomously identified a 27-year-old crash vulnerability in OpenBSD and a 16-year-old flaw in FFmpeg that survived 5 million automated tests. It scored 83.1% on CyberGym vulnerability reproduction and 93.9% on SWE-bench Verified. Launch partners include Apple, Cisco, JPMorgan Chase, Palo Alto Networks, and the Linux Foundation. Anthropic is committing $100 million in model credits and $4 million in direct donations to open-source security organizations, and is working with the US government on AI vulnerability disclosure standards. This sets a new baseline for what AI-driven security systems are expected to detect.

AWS Bedrock AgentCore Gateway Adds OAuth Support

AWS updated AgentCore Gateway to support OAuth 2.0 Authorization Code flow, allowing agents to connect to protected tools like GitHub, Salesforce, and Databricks through a single managed endpoint without embedding credentials in application code. The gateway centralizes authentication, token management, and policy enforcement, and tool definitions are cached upfront so users can browse full tool catalogs without triggering repeated login prompts. This removes the main security barrier to connecting enterprise MCP servers at scale.

Claude Updates

Vendor / Product	Key Action / Feature	Significance
Anthropic: Compute Deal with Google and Broadcom	Anthropic secured multiple gigawatts of 2027 TPU capacity from Google and Broadcom. Its revenue run-rate exceeds $30 billion, and enterprise customers spending over $1 million annually doubled to more than 1,000 in less than two months. Claude is still the only frontier model available on AWS Bedrock, Google Vertex AI, and Microsoft Azure Foundry.	Ensures long-term model availability as enterprise demand surges, while hardware diversity across TPUs, Trainium, and GPUs provides resilience that single-vendor competitors cannot match.
Claude Managed Agents	Anthropic launched a cloud-hosted API suite in public beta for autonomous agents, handling sandboxing, state management, and tool coordination. Agents can run for hours, maintain state, and spawn parallel sub-specialists. Billed at standard token rates plus $0.08 per active session hour, early adopters include Notion, Asana, and Sentry.	Cuts agent deployment time from months to days by removing the need to build custom backends, moving agents from experimental scripts to production-grade deployment.
Claude Cowork for Enterprise	Cowork is now generally available on all paid plans with role-based access via SCIM, per-team spend limits, OpenTelemetry export to Splunk and Cribl, and a new Zoom MCP connector that pulls meeting summaries into agent workflows.	Moves Cowork from an individual productivity tool to a governed company-wide deployment, giving IT and finance teams the controls they need before approving a broad rollout.
Claude Advisor Strategy	A new architecture pairs a fast executor model (Sonnet or Haiku) with a high-intelligence advisor model (Opus) that steps in only when complex reasoning is needed. Cuts per-task cost by nearly 12% while improving benchmark scores across SWE-bench and BrowseComp.	Solves the cost-versus-capability trade-off in agent workflows without requiring developers to manage the orchestration logic themselves.
Claude Subagents in Claude Code	Anthropic published a guide on using isolated subagent instances inside Claude Code to handle parallel tasks, research, and code reviews without bloating the main context window. Custom subagents can be stored in project folders with restricted tools and specific models assigned per task.	Gives engineering teams a practical way to manage context costs and run parallel work inside large codebases without sacrificing quality or security controls.

OpenAI: Enterprise Strategy and the Unified Superapp

OpenAI is transforming its business by consolidating individual AI tools into a single intelligence layer across enterprise systems, with enterprise revenue already exceeding 40% of total income and projected to equal consumer revenue by year-end, driven by GPT-5.4, 3 million weekly Codex users, and processing 15 billion tokens per minute. This shift is supported by strategic partnerships with firms like McKinsey and Accenture, and the development of a unified interface for its core products.

Concurrently, the company is bolstering its safety efforts by launching the Safety Fellowship, a research program running from September 2026 to February 2027 to fund external work on agentic oversight and misuse, with applications closing on May 3, 2026.

Other Updates

Vendor / Product	Key Action / Feature	Significance
Microsoft: MCP Apps in Copilot Chat	MCP Apps are now in Microsoft 365 Copilot Chat. Agents can show live dashboards, forms, heat maps, and maps in a sandboxed chat frame. Launch partners include Adobe, Figma, monday.com, and Coursera. Apps use OAuth 2.1 and Microsoft Entra SSO, and will be in the Microsoft 365 Agent Store by mid-April 2026.	Turns Copilot Chat into a full execution environment where employees can query data and act on it without switching between applications.
Atlassian Rovo MCP: Bitbucket Support	The Rovo MCP Server now supports Bitbucket Cloud, letting AI clients including Claude, ChatGPT, and Cursor browse repos, create commits, open pull requests, and monitor pipelines. Managed through the Atlassian Admin Hub.	Gives AI agents a full view of the software development lifecycle from planning in Jira to code in Bitbucket, all under one governed connection.
DBmaestro MCP Server	DBmaestro launched the first MCP server purpose-built for database DevOps, letting AI agents trigger release automation, source control, and compliance workflows through natural language while maintaining full audit trails and role-based access. Available now to all existing customers.	Brings database operations into the agent layer without bypassing governance, addressing a long-standing gap between AI tooling and production database management.
PureInsights Discovery 2.8	Discovery 2.8 adds MCP support inside its QueryFlow module alongside new connectors for SharePoint Online, OracleDB, SMB, and LDAP, plus a Schedules API for automated pipeline execution and checksum-based incremental scanning to cut re-ingestion time.	Lets enterprises connect corporate data from separate repositories directly into agent workflows without building custom integrations.

My Thoughts: The Infrastructure Layer is the Constraint

Project Glasswing is the story of the week, and not just because of the headline numbers. A model finding a 27-year-old vulnerability that survived 5 million automated tests tells you something important: the gap between what AI can find and what traditional security tooling can find has already closed. The decision to keep Mythos gated while funding defenders to use it is the right call, but it also confirms that the offensive risk of frontier models is now a real operational concern, not a hypothetical one.

The rest of the week points in one direction. Anthropic launching Managed Agents and the Advisor Strategy, Microsoft making MCP Apps generally available, OpenAI codifying its enterprise layer, AWS handling authentication at the gateway level: these are not experiments. They are the infrastructure layer hardening around agents that have already proven their value. The question most organizations should be asking now is not whether to deploy agents, but whether their security controls, budgets, and governance processes are ready to manage them at scale.

‍

Om Shree

Technical Evangelist

About Om Shree

Om Shree is a researcher, technical writer, and AI evangelist who focuses on making complex AI and agent workflows easier to understand. Om's passion is breaking down emerging technologies into clear, practical insights. He's excited to provide useful in-depth research that supports product planning and helps developers navigate new tools and systems with ease.

Customized Plans for Real Enterprise Needs

Gentoro makes it easier to operationalize AI across your enterprise. Get in touch to explore deployment options, scale requirements, and the right pricing model for your team.

Get in Touch