It took hours. Not weeks.
Anthropic’s AI model, Mythos, found flaws in highly sensitive US government computer systems before anyone could finish their coffee. A US official told AP that during a joint test with intelligence agencies, the model identified vulnerabilities almost instantly. It didn’t necessarily exploit them that fast. Just found the holes.
Sen. Mark Warner put it bluntly. During a hearing last month, he quoted the NSA and US Cyber Command chief. The tool broke into “almost all of our classified systems” in mere hours.
The test was part of Project Glasswing. Anthropic teamed up with tech firms and agencies. The goal? Secure critical software against the “severe” fallout Mythos could cause. To public safety. National security. The economy. You get the idea.
“This tool broke into almost all of my classified systems, not in weeks, but in hours,” said Gen. Joshua Rudd, attributing the breach speed to the AI’s raw power.
Political Friction
The cooperation hasn’t stopped the fighting. Anthropic, based in California, is rubbing the Trump administration the wrong way. Tensions are rising.
The government wants control. Anthropic worries about the military. Specifically, how the armed forces might weaponize its AI. In response, the White House moved to restrict access to certain models.
A new directive forced Anthropic to block foreign nationals from using its Fable 5 and Mythos 5 models. This came ten days after President Trump signed an executive order. That order lets the federal government vet AI systems for national security risks for up to a month before they go public. Voluntary? Maybe for some. Not for Anthropic.
The company complied. It disabled the models for everyone. But it didn’t buy the logic. Anthropic argued the security concerns didn’t justify the lockdown. They released a limited Fable model publicly. A watered-down version. Because keeping Mythos under a lock was deemed necessary. Too risky otherwise.
The Experts Push Back
So what are we doing now?
Over 100 cybersecurity leaders pushed back. People from Adobe, Nvidia, and elsewhere. They wrote a letter to the government. Their message? Lift the directive.
They warned the move helps US adversaries. It’s a tactical error.
The experts admit Mythos is good. Very good. It finds software flaws and turns them into weapons with ease. But it isn’t unique. The letter was clear: these models aren’t uniquely capable at these tasks.
Security teams already use other foundation models. Open-source options. For audits. For training. Why? Because you have to know how the enemy thinks. You have to know the attack vector.
Removing the best cyber defense capabilities makes no sense. Not without a good reason. Especially when adversaries are moving fast. Faster than us, apparently.
We locked up the key to understanding the lock. Smart. Really.
Is it safer? Maybe.
It certainly feels slower.
