A U.S. government official has revealed that an artificial intelligence model built by the company Anthropic managed to locate security flaws in some of the most sensitive and protected computer systems in the country — and it did so in a matter of hours.
The official, who agreed to speak with The Associated Press only under the condition that their identity not be disclosed, said Anthropic partnered with U.S. intelligence agencies to run tests using the company’s AI model known as Mythos. While the model pinpointed certain vulnerabilities within hours, the official was careful to note that finding those weaknesses is not the same as being able to take advantage of them in that same timeframe.
According to the official, the testing took place under an Anthropic program called Project Glasswing, which brought together major technology companies and other businesses. The goal was to help protect critical software around the world from what officials described as “severe” risks that the Mythos model could pose to public safety, national security, and the economy.
The testing had already been briefly referenced publicly during a June 11 hearing before the Senate Committee on Banking, Housing, and Urban Affairs. Democratic Sen. Mark Warner of Virginia mentioned it at the time, stating, “This tool broke into almost all of our classified systems, not in weeks but in hours.” Warner attributed that information to Gen. Joshua Rudd, who leads both the National Security Agency and U.S. Cyber Command.
When reached for comment, the NSA declined to respond. A spokesperson for Anthropic also chose not to comment.
Even as Anthropic has been working alongside U.S. agencies on security testing, its relationship with the Trump administration has grown increasingly strained. The California-based company has raised concerns about how the U.S. military intends to use its AI technology, while the administration has moved to limit access to certain Anthropic models.
Earlier this month, the administration issued a directive requiring Anthropic to block foreign nationals from using its newest AI models, referred to as Fable 5 and Mythos 5. Anthropic had recently released Fable to the general public — a scaled-back version of the more powerful Mythos, which the company has kept under tight restrictions because of cybersecurity concerns.
That directive came just ten days after President Donald Trump signed an executive order establishing a process for the federal government to evaluate national security risks tied to the most advanced AI systems — giving officials up to a month to review them before public release. The order specified that participation by AI developers would be voluntary.
To comply with the administration’s directive, Anthropic said it shut off access to those models for all of its customers. The company also stated that it did not believe the government’s concerns justified the actions that were taken.
A group of cybersecurity executives has since urged the Trump administration to reverse the directive, warning that it could end up benefiting America’s adversaries more than harming them. More than 100 cybersecurity professionals and leaders from companies including Adobe and Nvidia signed a letter to the government stating that Anthropic’s Mythos models are “quite good” at uncovering software flaws and turning them into weapons — but are “not uniquely good at these tasks.”
Many of those who signed the letter said they routinely rely on other AI models, including open-source options, for security audits and training purposes. The letter warned that stripping away top-tier cyber defense tools “without a good reason” is dangerous at a time when the United States’ adversaries are rapidly building up their own capabilities.
