[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYhQ-M3UoHFPAzBOvjR208TysRJQBxxk2OZNrZkLqHSQ":3},{"article":4,"iocs":55},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":32,"category":33,"article_tags":37},"cf63465c-22b6-4d4b-a0af-b05664cdbc13","Anthropic’s Mythos Model Found Vulnerabilities in Classified US Government Systems, Official Says","anthropic-s-mythos-model-found-vulnerabilities-in-classified-us-government-syste-dcc72e","Come vulnerabilities were found within hours, but that does not mean the model was able to exploit them within that time, the official said. The post Anthropic’s Mythos Model Found Vulnerabilities in Classified US Government Systems, Official Says appeared first on SecurityWeek.","During a testing exercise, Anthropic's Mythos AI model identified vulnerabilities in classified U.S. government systems within hours. This testing was part of Project Glasswing, an initiative involving tech giants and intelligence agencies to secure critical software. While the model found flaws, officials clarified it did not exploit them.","Anthropic's Mythos AI model identified vulnerabilities in classified US government systems during testing.","A U.S. official told The Associated Press on Tuesday that one of Anthropic’s artificial intelligence models had identified vulnerabilities in highly sensitive and secure U.S. government computer systems during a testing exercise. The official, who spoke on the condition of anonymity to discuss the matter, said Anthropic had teamed up with U.S. intelligence agencies to conduct tests using the company’s Mythos model. It had identified certain vulnerabilities within hours, but that does not mean the model was able to exploit them within that time, the official said. The official said the testing was done through an Anthropic initiative called Project Glasswing, which brought together tech giants and other companies in hopes of securing the world’s critical software from “severe” fallout that the Mythos model could pose to public safety, national security and the economy. Democratic Sen. Mark Warner of Virginia had briefly mentioned the testing during a June 11 hearing before the Senate Committee on Banking, Housing, and Urban Affairs. Warner had said, “This tool broke into almost all of our classified systems, not in weeks but in hours.” He attributed the information to the head of the National Security Agency and U.S. Cyber Command, who is Gen. Joshua Rudd. The NSA declined to comment on the matter in an email. An Anthropic spokesman also declined to comment. Despite the recent cooperation between Anthropic and U.S. agencies to test for vulnerabilities, tensions between the California company and the Trump administration have been growing. Anthropic has raised concerns over how the U.S. military would use its AI, while the administration has restricted the use of some of Anthropic’s models.Advertisement. Scroll to continue reading. The administration issued a directive earlier this month requiring Anthropic to prevent foreign nationals from using its latest artificial intelligence models, known as Fable 5 and Mythos 5. Anthropic released Fable widely earlier this month. That model is a limited version of the more advanced Mythos, to which the company has tightly limited access due to cybersecurity fears. The directive came 10 days after President Donald Trump signed an executive order to establish a framework for the federal government to vet the national security risks of the most advanced AI systems for up to a month before their public release. Participation by AI developers would be voluntary, the order said. Anthropic said it disabled the models for all of its customers to comply with the administration’s directive. The AI giant said it did not believe the steps taken by the government were warranted by the concern it flagged about a potential security issue. A group of cybersecurity executives has also asked the Trump administration to lift its directive, saying the move could help U.S. adversaries more than it hurts them. More than 100 cybersecurity experts and leaders from companies including Adobe and Nvidia told the government in a letter that Anthropic’s Mythos models are “quite good” at finding flaws in software and weaponizing exploits — but they are ”not uniquely good at these tasks.” Many of the letter’s signatories said they regularly use other foundation and open-source models for security audits and training. The letter said it is dangerous to take away the best cyber defense capabilities “without a good reason” when America’s adversaries are rapidly advancing. Learn More at the AI Risk Summit | Ritz-Carlton, Half Moon Bay Related: Anthropic: Mythos Detected 23,000 Potential Vulnerabilities Across 1,000 OSS Projects Related: Mythos Proves Potent in Vulnerability Discovery, Less Convincing Elsewhere Related: The Mythos Moment: Enterprises Must Fight Agents with Agents Written By Associated Press Daily Briefing Newsletter Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights. More from Associated Press French President Urges US to Share Cutting-Edge AI and Democracies to Cooperate on RegulationCybersecurity Executives Urge the Trump Administration to Ease Restrictions on Anthropic AI ModelsAnthropic Says It Has Taken Its Latest AI Models Offline to Comply With New Export ControlsFBI Seizes 13 Websites That Officials Say Were Used by China to Target and Recruit US WorkersAnthropic Urges Industry Coordination to Allow for a ‘Pause’ in AI Development if Risks GrowTrump Signs Executive Order That Invites Vetting of Top AI Models for National Security RisksAs the Pentagon Pushes for Battlefield AI, Some Military Leaders Urge CautionRussian Spies Are Aggressively Seeking Western Technology as Sanctions Bite, Officials Say Latest News Dragos Unveils AI for OT Security Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million AppsEight-Year-Old Samsung KNOX Flaw Exposed Millions of Galaxy Devices to Kernel AttacksCISO Conversations: Carl Froggett – Combining CISO and CIO at Deep InstinctAlgerian Man Extradited to US for Running Cybercrime MarketplacesFFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS AppliancesOpenAI Refocuses Cybersecurity Efforts on Patching Over DiscoveryRussian Initial Access Broker Behind FortiBleed Campaign Trending Daily Briefing NewsletterSubscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts. Webinar: How Modern Breaches Bypass MFA and Evade Detection June 17, 2026 Today’s attackers are no longer breaking in — they’re logging in. Join this live webinar as we break down the modern identity attack chain and examine how recent breaches exploited weaknesses in authentication, identity verification, and access management processes. Register Webinar: Modern Exposure Validation in the AI Era June 24, 2026 AI has accelerated both sides of the fight. Adversaries are weaponizing vulnerabilities faster, while defenders are racing to ship detections and configurations. Join this live webinar as we explore how to prove your controls actually hold against new threats, map your security maturity, and unite breach simulation with automated pentesting into a single, coordinated program. Register People on the MoveSolarWinds has appointed Justin Henkel as Chief Information Security Officer.J. Paul Haynes has joined Cinchy as Chief Executive Officer.Hatem Naguib has become Chief Executive Officer at Sysdig.More People On The MoveExpert Insights What the Latest ShinyHunters Breaches Reveal About Modern Cyberattacks Groups like ShinyHunters are demonstrating that attackers do not necessarily need malware or zero-day exploits to cause massive damage. (Torsten George) No Exploits Required Four decades of incident response experience suggest that exploits are often the symptom, not the root cause, of today’s cybersecurity failures. (Tod Beardsley) After AI Reaches Production: 12 Ways Security Teams Can Take Control Security teams need more than visibility into AI applications, they need a repeatable framework for monitoring, investigating, and defending them in production. (Joshua Goldfarb) Everybody Is Vibe Coding But Nobody Told the Security Team AI-driven development is not something organizations can or should block. But it must be governed. (Danelle Au) The Zero-Knowledge Threat Actor and the End of Responsible Disclosure AI can help attackers generate malware, create malicious payloads, bypass simple security checks, and convert vague malicious intent into functional code. (Etay Maor) Flipboard Reddit Whatsapp Whatsapp Email","https:\u002F\u002Fwww.securityweek.com\u002Fanthropics-mythos-model-found-vulnerabilities-in-classified-us-government-systems-official-says\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002FClaude-Mythos.jpeg","2026-06-24T03:29:58+00:00","2026-06-24T04:00:15.024602+00:00",8,[18,21,24,26,28,30],{"name":19,"type":20},"Mythos","product",{"name":22,"type":23},"Anthropic","vendor",{"name":25,"type":20},"Fable 5",{"name":27,"type":20},"Mythos 5",{"name":29,"type":20},"Adobe",{"name":31,"type":20},"Nvidia","839da5c1-3c34-47e2-9499-f7201640e3ac",{"id":32,"icon":34,"name":35,"slug":36},null,"AI Security","ai-security",[38,43,48,50],{"category":39},{"id":40,"icon":34,"name":41,"slug":42},"6cbdd207-aaa1-4176-9534-e156b125e917","Nation-state","nation-state",{"category":44},{"id":45,"icon":34,"name":46,"slug":47},"80544778-fabb-4dcd-aa35-17492e5dcf4f","Vulnerabilities","vulnerabilities",{"category":49},{"id":32,"icon":34,"name":35,"slug":36},{"category":51},{"id":52,"icon":34,"name":53,"slug":54},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[]]