IPO paperwork, six enterprise moves, and a landmark AI research paper: Anthropic weekly, June 8

The week of June 1–7 saw Anthropic file for a public listing, deepen its cloud and professional-services partnerships, publish a major cybersecurity report, and release a striking internal account of how much of its own research Claude now drives.

S-1 confidential draft filed with the SEC

Category: Legal

On June 1, Anthropic, PBC confirmed it had confidentially submitted a draft Form S-1 registration statement to the Securities and Exchange Commission, covering a proposed IPO of its common stock.1 The announcement said the number of shares and offering price have not been set, and that any IPO remains contingent on market conditions and SEC review.

The filing is the most concrete signal yet that Anthropic is moving toward a public listing. A standard S-1 review runs three to four months, which points to an IPO launch window in roughly July–August 2026, depending on how quickly the SEC completes its comments and how stable markets look at that point. The filing came three days after the close of the $65B Series H round at a $965B post-money valuation, reported in last week's roundup.2

Snowflake Summit 26: Claude in the governed-data stack

Category: Customer

At Snowflake Summit 26 on June 1, Snowflake and Anthropic announced significant momentum in their strategic partnership.3 The announcement builds on an expanded partnership from December 2025 that integrated Claude models across all major cloud platforms within Snowflake Cortex AI.

The scope of the update covers several layers of the Snowflake product stack:

Snowflake Intelligence — the company's natural-language enterprise analytics layer — is powered by Claude
Snowflake Cortex Code has become Snowflake's fastest-growing product ever, with more than 7,100 users; it is also Claude-powered
Snowflake is one of six launch partners in the Claude Marketplace, enabling customers to apply existing Anthropic spend commitments toward Snowflake AI capabilities
The two companies are collaborating on Claude Code Security capabilities for enterprise vulnerability remediation

Customers cited in the announcement using Claude via Snowflake include Block (Square/Cash App), Carvana, eSentire, Indeed, and Notion. Deloitte is also named as a system integrator helping joint customers deploy the combination.

Snowflake and Anthropic partnership banner from Snowflake Summit 26 — Snowflake and Anthropic at Snowflake Summit 26, June 1, 2026 3

Project Glasswing expands to ~150 new organizations

Category: Product / Partnership

On June 2, Anthropic announced the second cohort of Project Glasswing — its critical-infrastructure cybersecurity initiative — expanding to approximately 150 new organizations across more than fifteen countries.4 The new cohort fills gaps in the original program, adding electricity grids, water systems, hospitals, telecom providers, and hardware vendors to the partner list, along with open-source code maintainers whose libraries underpin systems used by governments worldwide.

Alongside the Glasswing expansion, Anthropic released Claude Security as a public-tier product. Using the latest frontier model (currently Claude Opus 4.8), Claude Security scans codebases and generates patch recommendations. Trusted security teams can also request access to more advanced tools that Anthropic developed specifically for Glasswing partners and that the company says can surface vulnerabilities faster than the public tier.

Each Glasswing partner organization is estimated to protect 100 million or more people from catastrophic attacks, according to Anthropic's framing for the program.

Claude Partner Network: Services Track and Partner Hub

Category: Customer / Product

On June 3, Anthropic launched two new components of the Claude Partner Network, the partner program it announced in March backed by a $100 million fund.5

The Services Track is a tiered certification program for consulting and implementation firms:

Tier	Certified practitioners	Production deployments	Public references
Select	10+ active	2+ (trailing 12 months)	1+
Preferred	100+ active	15+	3+
Global Premier	1,000+ active	100+ across 3+ regions	15+

Certifications belong to individuals, not firms, and require passing Anthropic Partner Academy exams and using Claude in the past 90 days. Tier promotions are processed January 1 and July 1, with an additional review on October 1, 2026.

The Claude Partner Hub is a public directory showing each partner firm's tier, certified-practitioner count, customer deployments, and public references, refreshed daily. Partners can also connect the Hub to Claude via an MCP connector to query their own standing conversationally.

Since the Partner Network launched in March, over 40,000 firms have applied and more than 10,000 consultants have earned individual Claude certifications. Major firms building practices around the program include Accenture (training 30,000), Cognizant (350,000 associates), Deloitte (470,000 globally), KPMG (276,000+), Infosys, and PwC — the latter deploying Claude Code and Cowork starting with its US teams before expanding globally.

Cyber threats research: MITRE ATT&CK needs an update

Category: Policy / Research

Also on June 3, Anthropic's Frontier Red Team published findings from a year-long study of 832 accounts banned for malicious AI-enabled cyberattacks between March 2025 and March 2026.6 A subset of the data was published in Verizon's 2026 Data Breach Investigations Report; this release is the fuller analysis.

Three main conclusions:

AI is being used deeper in attack chains. The most common AI-assisted activity is malware writing (67.3% of the 832 accounts studied), but attackers are shifting toward post-compromise stages. AI-assisted account discovery inside compromised networks rose 8.9% across the study period; AI-assisted phishing fell 8.6%. Techniques that previously required deep technical skill — lateral movement, privilege escalation — are increasingly available to less-skilled actors.
Threat levels are rising faster than expected. In the first six months of the study window, 33% of actors scored medium risk or higher. By the second six months, that share had reached 56% — a 1.7-fold increase in roughly a year.
The MITRE ATT&CK framework does not capture agentic attack behaviors. Behaviors like AI orchestrating multiple attack stages sequentially, making real-time tactical decisions, and executing with minimal human input have no ATT&CK IDs. Anthropic's example: the state-sponsored cyber espionage operation it disrupted in November 2025 scored comparable to medium-risk actors on ATT&CK technique count, but earned the maximum risk score of 100 under Anthropic's internal methodology. Anthropic says it is in discussions with MITRE to update ATT&CK for agentic attack patterns.

"When AI builds itself": Anthropic's recursive self-improvement report

Category: Research

On June 4, Anthropic's Institute published a detailed report titled "When AI builds itself," covering the company's internal evidence on how much of its own development Claude now drives, and what recursive self-improvement could mean if the trend continues.7

The quantitative disclosures are striking:

As of May 2026, Claude authors more than 80% of merged code in Anthropic's codebase. Before Claude Code's research preview in February 2025, that figure was in the low single digits.
The average engineer at Anthropic now merges 8× more code per day than the 2021–2024 baseline.
In April 2026, Claude completed 800+ fixes that reduced a class of API errors by 1,000×; the overseeing engineer estimated a human would have needed four years to do the same work.
Claude Mythos Preview can now work for at least 16 hours on a task — the upper limit of METR's current measurement capability.

Code contributed per person per quarter, 2021 Q2 to 2026 Q2 — showing 8× increase by 2026 Q2 — Merged code per engineer per day as a multiple of the 2021–2024 average; reaches 8× by Q2 2026 7

On research judgment — the ability to choose the right next experiment, not just execute one — Claude Mythos Preview now outperforms the human researcher's choice 64% of the time when tested against 129 sessions where the human made a wrong turn. In November 2025 (Claude Opus 4.5), that figure was 51%.

Claude Code session success rate on four task types, Sept 2025 to May 2026 — open-ended problems reach 76% success — Claude Code success rate by task complexity; open-ended problems hit 76% in May 2026, up 50 percentage points in six months 7

The report outlines three scenarios: the trend stalls at current capability; compounding gains continue but humans retain direction-setting (the scenario Anthropic considers most likely); or full recursive self-improvement, where AI designs its own successors with compute as the primary constraint. The report explicitly states full recursive self-improvement is not inevitable but could arrive sooner than most institutions are ready for.

One week in review

Six material events, each pointing in the same direction: Anthropic is moving simultaneously toward the public markets and toward the enterprise infrastructure stack that will justify the valuation investors will eventually be asked to price.

The S-1 filing places a clock on the IPO process. The Snowflake partnership, Glasswing expansion, and Partner Network Services Track collectively describe where enterprise revenue is coming from and how the distribution layer is being standardized. The cyber threats research and the recursive self-improvement report are the policy and technical scaffolding: Anthropic is telling regulators, buyers, and investors what it knows about AI's risks and what it is doing about them before the S-1 becomes public.

The next material events to watch: SEC comment rounds on the S-1, the Mythos model moving from preview to general availability, and any disclosed IPO timeline update.