--- title: "Anthropic's 'Mythos' AI Found Flaws in Classified U.S. Systems During an Authorized Test, AP Reports" description: "A U.S. official told the Associated Press that Anthropic's Mythos AI model identified vulnerabilities in highly secure government computer systems during an authorized red-team exercise — a finding now entangled with a Trump administration order restricting the company's most advanced models." category: "Tech" category_url: https://boursel.com/category/tech author: "Rafael Ortiz" published: 2026-06-24T02:28:00.000Z updated: 2026-06-24T02:28:00.000Z canonical: https://boursel.com/article/anthropic-mythos-classified-systems tags: ["anthropic", "ai", "cybersecurity", "national-security", "nsa"] --- # Anthropic's 'Mythos' AI Found Flaws in Classified U.S. Systems During an Authorized Test, AP Reports A U.S. official told the Associated Press that Anthropic's Mythos AI model identified vulnerabilities in highly secure government computer systems during an authorized red-team exercise — a finding now entangled with a Trump administration order restricting the company's most advanced models. One of Anthropic's artificial intelligence models identified vulnerabilities in highly sensitive U.S. government computer systems during a controlled testing exercise, a U.S. official told [the Associated Press](https://www.wral.com/news/ap/3e876-anthropic-s-mythos-model-found-vulnerabilities-in-classified-us-government-systems-official-says/). The episode — framed by officials as an authorized test, not a breach — has become a focal point in a widening dispute over the national-security implications of frontier AI. The model, called Mythos, was used after Anthropic teamed up with U.S. intelligence agencies to run the tests. The official said Mythos "had identified certain vulnerabilities within hours" but cautioned that this did not mean the model was able to *exploit* them in that time — a distinction between spotting a weakness and actually breaking in. In cybersecurity, a *vulnerability* is a flaw in software or a system that an attacker could potentially use to gain access or cause harm. *Red-teaming* is the authorized practice in which testers deliberately try to break into or stress-test a system so its owner can find and fix weaknesses before real adversaries do. Sources consistently describe the Mythos work as such an assessment, conducted through Project Glasswing — a restricted Anthropic program built to find and fix vulnerabilities in critical software, [Nextgov/FCW reported](https://www.nextgov.com/artificial-intelligence/2026/06/parts-nsa-lose-mythos-5-access-amid-anthropic-supply-chain-dispute/414366/). ## How it surfaced The finding became public through Congress. Democratic Sen. Mark Warner of Virginia, a senior member of the Senate Intelligence Committee, said at a hearing that the tool "broke into almost all of our classified systems, not in weeks but in hours," the AP reported. Warner attributed the assessment to Gen. Joshua Rudd, who leads the National Security Agency and U.S. Cyber Command. The NSA declined to comment. ## A collision with export controls The testing has collided with a separate government action. The Trump administration issued a directive requiring Anthropic to prevent foreign nationals from using its latest models, Fable 5 and Mythos 5, citing national-security authorities. Anthropic complied by disabling both models for all customers to ensure compliance, [according to the company's statement](https://www.anthropic.com/news/fable-mythos-access) — a step that, [Nextgov/FCW reported](https://www.nextgov.com/artificial-intelligence/2026/06/parts-nsa-lose-mythos-5-access-amid-anthropic-supply-chain-dispute/414366/), cost parts of the NSA their access to Mythos because their authority ran through Project Glasswing. Anthropic has pushed back on the severity implied by the order, saying it did not believe the government's steps were warranted by the concerns raised. The company said the issue centered on a possible "jailbreaking" technique — a way of coaxing a model past its safeguards — and that it had received only verbal evidence of a "narrow, non-universal" version. It added that it had red-teamed its safeguards for thousands of hours with the U.S. government, the U.K. AI Safety Institute and outside experts before launch. The model's offensive edge is also contested. More than 100 cybersecurity experts told the government that Anthropic's Mythos models are "quite good" at finding software flaws but "not uniquely good" compared with other tools, [the AP reported](https://www.wral.com/news/ap/3e876-anthropic-s-mythos-model-found-vulnerabilities-in-classified-us-government-systems-official-says/). ## Why it matters For the AI and national-security business, the dispute crystallizes a tension regulators have long flagged: the same capabilities that make a model valuable for *defending* critical systems can also be viewed as a proliferation risk warranting export controls. The White House, the Defense Department and Anthropic did not immediately respond to the AP's requests for comment, and the full scope of the vulnerabilities — and which specific agencies or programs were involved — remains unconfirmed.