Anthropic’s Mythos found flaws in classified US systems

TL;DR:

  • Anthropic’s Mythos model identified vulnerabilities in highly sensitive US government systems during a restricted testing exercise, the AP reports.
  • The work ran under Project Glasswing, a programme to find and fix flaws before attackers exploit them.
  • The NSA chief reportedly told a hearing the model “broke into almost all of our classified systems… not in weeks, but in hours”.

Anthropic’s Mythos model uncovered vulnerabilities in highly sensitive US government computer systems during a testing exercise, according to an Associated Press report. The company worked with Washington’s intelligence agencies under Project Glasswing, a restricted programme designed to find and fix flaws in critical software before adversaries can exploit them.

Hours, not weeks

The detail that drew attention came from Senator Mark Warner, who told a congressional hearing this month that NSA chief Joshua Rudd had informed him Mythos “broke into almost all of our classified systems, not in weeks, but in hours”. A US official cautioned, however, that identifying a vulnerability quickly is not the same as being able to exploit it in that time — an important distinction between reconnaissance and attack. The White House, Anthropic and the Department of Defense did not immediately comment.

The episode lands in an already fraught relationship. Anthropic refused to let the US military use its models for domestic surveillance and fully autonomous weapons, and the government responded by placing the company on a national-security blacklist. This month it also ordered Anthropic to suspend exports of its latest Mythos and Fable models worldwide, and the New York Times reported the NSA had lost access to Mythos amid the dispute — a thread Resultsense has followed through reports that some users retained Mythos access despite the ban.

Looking forward

For UK security teams, the story cuts two ways. It is a vivid demonstration that frontier models can compress offensive cyber timelines from weeks to hours — the kind of acceleration the Five Eyes alliance has already flagged as a near-term threat. But it also shows the same capability turned defensive, hunting flaws before criminals do. The governance question is who gets to wield it: a capability that strengthens a state’s own systems is, by definition, one that could weaken a rival’s. As access controls tighten around the most capable models, that dual-use tension will only sharpen.

Share this article