Some news reads like a techno-thriller — and is real anyway. The Associated Press reports that Anthropic’s frontier model Mythos uncovered vulnerabilities in highly sensitive, classified government systems during a test conducted with US intelligence agencies. The remarkable part: it only took hours.
What actually happened
A US government official told the AP that Mythos identified certain vulnerabilities within hours. One important caveat: finding a vulnerability isn’t the same as being able to exploit it — the model spotted the flaws, it didn’t actively compromise anything. Still, the speed is the real shock here.
It had already been hinted at publicly earlier this month. Democratic Senator Mark Warner of Virginia said something at a June 11 Senate Banking Committee hearing that sticks with you: “This tool broke into almost all of our classified systems, not in weeks but in hours.” Warner was citing General Joshua Rudd, head of the NSA and US Cyber Command.
The Glasswing context
The test ran through Project Glasswing, Anthropic’s initiative to secure critical software. The thinking behind it: if a model like Mythos can find holes this fast, you’d rather put it to work on defense before someone else uses it for offense. The finding fits an observation Anthropic has been making for a while — that the bottleneck in cyber defense is shifting away from finding vulnerabilities toward patching them fast enough.
The strained relationship with Washington
As cooperative as this test looks, the situation around it is tense. Friction between Anthropic and the Trump administration keeps growing. Anthropic has raised concerns about how the US military would use its AI — while the administration, in turn, has restricted access to some Anthropic models, including a directive to keep foreign nationals away from the latest Fable 5 and Mythos 5.
My take
This story is a case study in dual use. The very capability that makes Mythos a powerful defensive tool is exactly what keeps regulators up at night. The fact that a commercial model does in hours what security teams normally need weeks for is impressive and unsettling at the same time. I think it’s right that Anthropic tests these abilities defensively first — but the gap between “found the hole” and “closed the hole” has rarely mattered as much as it does now.
Sources: CNBC: Anthropic’s Mythos model found vulnerabilities in classified U.S. systems, Anthropic: Project Glasswing