A U.S. official told The Associated Press that one of Anthropic's models identified vulnerabilities in highly sensitive U.S. government computer systems during a testing exercise, adding that identifying vulnerabilities did not mean the model was able to exploit them within the same timeframe. Senator Mark Warner said Gen. Joshua Rudd - who leads both the NSA and U.S. Cyber Command - told him Mythos "broke into almost all of our classified systems, not in weeks but in hours," a claim first reported by The Economist. The New York Times reports the NSA lost access to the model after the Trump administration imposed export controls - the first ever applied directly to an AI model - requiring Anthropic to restrict Mythos 5 and Fable 5 to U.S. citizens only. The Wall Street Journal reported researcher Nicholas Carlini demonstrated Mythos finding critical bugs in Ghost and Linux. Five Eyes intelligence agencies issued a rare joint statement warning AI will 'fundamentally transform' offensive and defensive cyber capabilities within months. Trump told Axios on June 19 he no longer views Anthropic as a national security threat.
What happened
A U.S. official told The Associated Press that Anthropic's Mythos model had identified vulnerabilities in highly sensitive U.S. government computer systems during an authorized testing exercise. The official clarified that identifying vulnerabilities did not necessarily mean the model was able to exploit them within the same timeframe. Senator Mark Warner said Gen. Joshua Rudd - who leads both the National Security Agency and U.S. Cyber Command - told him Mythos "broke into almost all of our classified systems, not in weeks but in hours," a claim first reported by The Economist based on a June 11 Senate briefing. The New York Times reports the NSA subsequently lost access to the tool after the Trump administration imposed export controls restricting Mythos 5 and Fable 5 to U.S. citizens only - the first time the U.S. has applied export controls directly to an AI model rather than to hardware.
Technical details
The Wall Street Journal reports researcher Nicholas Carlini demonstrated using Mythos to find and exploit critical bugs in a web-publishing package called Ghost and in the Linux operating system. The official trigger for the ban was a jailbreak: the government notified Anthropic on June 12 of a method for circumventing Fable 5's safety classifiers. Anthropic pushed back, describing it as a "narrow, non-universal jailbreak" and noting that similar vulnerabilities exist in other publicly available models including OpenAI's GPT-5.5, which are not subject to comparable export controls. The company said the directive was not warranted and that applying this standard across the industry "would essentially halt all new model deployments for all frontier model providers."
Broader response
Five Eyes intelligence agencies - the U.S., UK, Canada, Australia, and New Zealand - issued a rare joint statement warning that frontier AI models would "fundamentally transform both offensive and defensive cyber capabilities" on a timeline of "months, not years." The UK AI Security Institute, which evaluates frontier AI models, was cut off from access without warning. More than 100 cybersecurity experts and leaders from companies including Adobe and Nvidia signed an open letter urging the administration to restore access, stating that Mythos models are "quite good" at finding flaws and weaponizing exploits - but "not uniquely good at these tasks" - and that restricting them harms defenders more than adversaries.
Industry context
Mythos had already uncovered thousands of real-world vulnerabilities, including a 27-year-old flaw in OpenBSD, through its controlled Project Glasswing access program of roughly 200 vetted partners including Amazon, Apple, Google, Microsoft, Nvidia, JPMorgan, and the Linux Foundation. For practitioners, organizations using large models for security research or vulnerability discovery should expect increased scrutiny on how testing is conducted, how results are handled, and how access is provisioned across jurisdictions. Isolated test environments, controlled red-teaming, and clear legal agreements for handling exploit code become more operationally urgent when models demonstrably accelerate vulnerability discovery.
What to watch
As of late June, Fable 5 and Mythos 5 remain offline for most users, though Trump told Axios on June 19 that he "no longer views Anthropic as a national security threat." Anthropic's identity verification policy, set to take effect July 8, could allow the company to restore Fable 5 domestically without requiring the export control directive to be fully lifted. Watch congressional hearings for any declassified technical detail, Commerce Department guidance on AI export controls, and whether gated access programs like Project Glasswing become a template for responsible dual-use AI deployment.
Bottom line
The reporting combines multiple high-stakes sourced claims: AP on a U.S. official describing vulnerability discovery (with the important nuance that identification differs from full exploitation), The Economist and NYT on the Warner/Rudd briefing and lost NSA access, WSJ on researcher demonstrations, and TechSpot on the Five Eyes response and broader political context. Together they illustrate the first episode in which the U.S. government applied export controls to an AI model itself, a governance precedent that allies and adversaries are already tracking closely.
Scoring Rationale #
Anthropic's Mythos model penetrated NSA classified systems during an authorized red-team exercise per Senate testimony, triggering the first-ever U.S. export controls applied directly to an AI model. The Five Eyes joint warning, 100+ expert letter, and Trump's subsequent Axios walkback illustrate the geopolitical and regulatory weight of this landmark event. Score reflects a major national-security AI moment with direct consequences for security practitioners and model-access governance.
Practice interview problems based on real data
1,500+ SQL & Python problems across 15 industry datasets — the exact type of data you work with.