Anthropic's Mythos AI Model Uncovered Classified U.S. Government Vulnerabilities in Hours
In what may be one of the most significant cybersecurity revelations of the artificial intelligence era, Anthropic's advanced AI model reportedly identified critical vulnerabilities in highly classified U.S. government computer systems — not over the course of weeks, but within hours. The disclosure, first confirmed to The Associated Press by an anonymous U.S. official, raises urgent questions about the intersection of AI capability, national security, and the future of critical infrastructure protection.
What Happened: A Secret AI Security Test
According to a U.S. official who spoke on condition of anonymity, Anthropic partnered with U.S. intelligence agencies to conduct a structured testing exercise using the company's most powerful AI model, known as Mythos. During this exercise, the Mythos model was tasked with probing some of the most secure and sensitive computer systems operated by the U.S. government.
The results were striking. The AI identified certain vulnerabilities within hours of beginning its analysis. However, the official was careful to draw an important distinction: identifying a vulnerability is not the same as exploiting it. The model was able to detect weaknesses in the systems, but that does not mean it successfully breached or weaponized those flaws within the same timeframe. Even so, the speed and precision with which Mythos operated sent a clear signal about the growing power of frontier AI models.
Project Glasswing: Anthropic's Initiative for Critical AI Safety
The testing was conducted under the umbrella of an Anthropic initiative called Project Glasswing. According to the anonymous official, this program brought together Anthropic alongside tech giants and other companies with a shared mission: to identify and mitigate the risks that the Mythos model — and AI systems of similar capability — could pose to public safety, national security, and the global economy.
Project Glasswing reflects a broader trend in the AI industry where developers of the most powerful models are beginning to proactively engage with governments and security agencies to understand and contain potential harms before they manifest in the real world. Rather than waiting for adversarial actors to discover what AI can do, Anthropic's approach appears to involve stress-testing its own systems in controlled, authorized environments.
The initiative underscores a fundamental tension that now defines the AI landscape: the same capabilities that make a model like Mythos extraordinarily useful can also make it extraordinarily dangerous if placed in the wrong hands or if its risks are not fully understood before deployment.
Senate Hearing Sheds Light on the Scope of the Findings
The testing exercise did not remain entirely behind closed doors. Democratic Senator Mark Warner of Virginia briefly referenced the exercise during a June 11 hearing before the Senate Committee on Banking, Housing, and Urban Affairs. His comments were pointed and alarming.
"This tool broke into almost all of our classified systems, not in weeks but in hours," Warner stated during the hearing. He attributed this information directly to General Joshua Rudd, the head of the National Security Agency and U.S. Cyber Command — two of the most powerful and secretive security organizations in the United States.
Warner's remarks, though brief, immediately drew attention from cybersecurity experts, lawmakers, and AI researchers alike. The phrase "almost all of our classified systems" is not a minor claim. It suggests that the vulnerabilities identified by the Mythos model were widespread and systemic, not isolated to a single legacy system or outdated network.
Official Responses Remain Tightly Guarded
Despite the weight of the revelations, official responses from the key players involved have been minimal. The NSA declined to comment on the matter, offering no confirmation or denial of Senator Warner's claims or the broader scope of Project Glasswing. Anthropic's own spokesman similarly declined to comment publicly.
This silence is itself telling. The sensitivity of the subject matter — classified government systems, cutting-edge AI capabilities, and national security implications — makes public disclosure complicated and politically fraught. Both Anthropic and the intelligence community appear to be navigating an environment where transparency must be carefully balanced against the risk of providing a roadmap to adversaries.
AI Cybersecurity: A Double-Edged Sword
The Mythos testing episode illustrates a challenge that cybersecurity professionals have long warned about: AI is a fundamentally dual-use technology. The very attributes that make it exceptional at identifying security weaknesses — pattern recognition, rapid data processing, the ability to probe complex systems at scale — are the same attributes that could make it a formidable offensive tool in the wrong hands.
- Speed: Traditional penetration testing can take days or weeks. AI-driven analysis can compress that timeline dramatically, as evidenced by the hours-long window in which Mythos operated.
- Scale: AI models can simultaneously probe multiple systems and vectors, something human teams cannot replicate at the same pace.
- Adaptability: Advanced AI can adjust its approach based on what it encounters, making it harder to defend against using static security measures.
These characteristics make AI an invaluable asset for defensive cybersecurity — but they also make it a serious concern if such systems were ever accessed or replicated by hostile nation-states or criminal organizations.
Tensions Between Anthropic and the Trump Administration
The revelations arrive at a complicated moment in the relationship between Anthropic and federal authorities. Despite their apparent cooperation through Project Glasswing, reports have surfaced of underlying tensions between the California-based AI company and the Trump administration. The nature and depth of those tensions add a layer of political complexity to an already sensitive national security story, raising questions about how AI governance, regulation, and public-private collaboration will evolve in the months and years ahead.
What This Means for the Future of AI and National Security
The Mythos testing exercise, whatever its ultimate classified conclusions, has pushed the conversation about frontier AI capabilities into a new and urgent register. Governments, technology companies, and security agencies around the world will now need to grapple seriously with a simple but profound reality: the most advanced AI models currently in existence can do things that even their creators are still working to fully understand and contain.
Project Glasswing and exercises like it may represent the beginning of a new model for responsible AI development — one where capabilities are rigorously stress-tested before broad deployment, and where the findings, however uncomfortable, are shared with those responsible for protecting the public. Whether that model proves sufficient to address the scale of the challenge ahead remains one of the defining questions of our technological moment.