NSA's Mythos use turns Anthropic feud into an AI security test
Original: Scoop: NSA using Anthropic's Mythos despite blacklist View original →
Axios reports that the National Security Agency is using Anthropic's Mythos Preview, the company's most restricted model, while senior Department of Defense officials continue to describe Anthropic as a supply-chain risk. The gap matters because the Pentagon oversees the NSA: one side of the national-security apparatus is arguing that Anthropic cannot be trusted, while another is reportedly using the model for cyber work.
According to Axios, two sources said the NSA has access to Mythos, and one source said use may be broader inside the department. The article says the exact use case is unclear, but other organizations with access are mainly scanning their own environments for exploitable vulnerabilities. Anthropic has limited Mythos to around 40 organizations because of offensive cyber capability concerns, and only 12 have been named publicly.
The timing sharpens the political tension. Dario Amodei met White House chief of staff Susie Wiles and Treasury Secretary Scott Bessent on Friday to discuss government use of Mythos, Anthropic's security practices, and wider plans. Axios says both sides described the meeting as productive, with next steps expected to focus on how agencies outside the Pentagon engage with the model.
The dispute grew out of contract renegotiations. The department demanded access to Claude for all lawful purposes, while Anthropic pushed to preserve limits around mass domestic surveillance and fully autonomous weapons. That makes Mythos more than a model access story. It is a live test of whether frontier AI vendors can enforce use restrictions when the most urgent buyer is the government itself.
For security teams, the practical signal is that frontier models are moving from policy debate into sensitive vulnerability workflows. If Mythos can help defenders find exploitable flaws faster, federal agencies will want it. If those same capabilities can lower the barrier for offensive operations, procurement decisions will also become safety decisions.
Related Articles
The case matters because it goes to who controls a frontier model after deployment in classified systems. In an April 22 filing described by AP, Anthropic told a U.S. appeals court that it cannot manipulate Claude once the model is inside Pentagon networks, pushing back on the government's supply-chain-risk label.
Cloudflare tested Anthropic's security-specialized Mythos Preview model against their own infrastructure under Project Glasswing. Mythos can chain low-severity bugs into working exploits, demonstrating reasoning comparable to senior security researchers — but with inconsistent safeguards and significant triage overhead.
Google's Threat Intelligence Group detected the first confirmed AI-authored zero-day exploit in the wild—a Python script bypassing two-factor authentication in a popular open-source web admin tool, intercepted before criminals could launch a mass exploitation campaign.