Published on •Updated
An AI model developed by Anthropic has identified vulnerabilities in highly sensitive US government computer systems during a testing exercise, a US official told the Associated Press.
The official, who spoke on condition of anonymity, said Anthropic had teamed up with US intelligence agencies to conduct the tests using the company’s Mythos model.
It identified certain vulnerabilities within hours, though that did not mean the model was able to exploit them within that time, the official said.
The testing was carried out through an Anthropic initiative called Project Glasswing, which brought together technology companies in a bid to secure critical software from the “severe” fallout that Mythos could pose to public safety, national security and the economy.
Democratic Senator Mark Warner of Virginia had briefly mentioned the testing during a 11 June hearing before the Senate Committee on Banking, Housing, and Urban Affairs.
“This tool broke into almost all of our classified systems, not in weeks but in hours,” he said, attributing the information to the head of the National Security Agency (NSA) and US Cyber Command, General Joshua Rudd.
Growing tensions
Despite the cooperation between Anthropic and US agencies, tensions between the California-based company and the Trump administration have been growing.
Anthropic has raised concerns over how the US military would use its AI, while the administration has moved to restrict the use of some of its models.
Earlier this month, the administration issued a directive requiring Anthropic to prevent foreign nationals from using its latest models, known as Fable 5 and Mythos 5.
Anthropic released Fable widely this month — a limited version of the more advanced Mythos, to which the company has tightly restricted access due to cybersecurity concerns.
The directive came 10 days after President Donald Trump signed an executive order establishing a framework for the federal government to vet national security risks posed by the most advanced AI systems for up to a month before their public release.
Participation by AI developers would be voluntary, the order said.
Anthropic said it disabled the models for all customers to comply with the directive, but added it did not believe the government’s steps were warranted by the security concern it had flagged.
Industry pushback
More than 100 cybersecurity experts and leaders from companies including Adobe and Nvidia have written to the government urging it to lift the directive, warning the move could benefit US adversaries more than it harms them.
In their letter, the signatories said Anthropic’s Mythos models are “quite good” at finding software flaws and weaponising exploits — but “not uniquely good at these tasks.”
Many said they regularly use other foundation and open-source models for security audits and training, and warned it was dangerous to remove the best cyber defence capabilities “without a good reason” at a time when America’s adversaries are rapidly advancing.