Anthropic AI Uncovers 'Large Number of Vulnerabilities' Inside US Government Code
US cyber agency CISA is using Anthropic's Mythos AI model to scan federal software for security flaws, with audits already uncovering a large number of vulnerabilities, according to Reuters.
The United States Cybersecurity and Infrastructure Security Agency (CISA) is deploying Anthropic's AI model Mythos to audit federal software for security weaknesses, with early results already raising concerns inside government, Reuters reported on July 6.
Bugs in the Code
CISA is using Mythos to scan government code repositories for bugs that could leave the door open for foreign spies and cybercriminals. The scanning is being carried out by CISA's Attack Surface Evaluation team, a group within the agency that conducts digital security assessments and hacking exercises across government.
Two sources said the audits had already uncovered a large number of vulnerabilities but did not elaborate. Reuters could not establish exactly how much government code the team had gone through, or the nature or severity of the bugs it discovered. Anthropic did not respond to questions about the initiative, and a CISA representative did not answer follow-up emails.
Government interest in Mythos appears to extend beyond CISA. The National Security Agency has reportedly been using the model since at least April, despite an earlier blacklisting. NSA analysts had been testing Mythos in classified settings and coming away impressed with its capabilities, the New York Times reported.
A Turbulent Relationship With Washington
The CISA deployment comes after a difficult period between Anthropic and the US government. Relations reached a low point in February after the San Francisco-based company refused to remove safeguards that prevented its AI from being used for autonomous weapons or domestic surveillance. The Pentagon responded with a formal supply-chain risk designation, a label typically reserved for foreign firms suspected of aiding espionage. A judge blocked that move in March.
The conflict eased following the private release of Mythos, an AI model described as extremely capable at finding and exploiting cybersecurity vulnerabilities. When Anthropic later rolled out a public version of Mythos called Fable, which included cybersecurity safeguards, the White House demanded it ban foreigners from running the model, triggering a global shutdown that was lifted only last week.
Anthropic, which has confidentially filed for a US initial public offering, has had a tumultuous relationship with the US government. The CISA project nonetheless signals that federal agencies are pressing ahead with AI-assisted security tooling, even as policy tensions remain unresolved.
Sources:
Rappler: US cyber agency is using Anthropic's Mythos to audit government code, sources say
Benzinga: Anthropic's Mythos AI Reportedly Helping Find Weaknesses in US Government Software
Latest News
Read More...
Author
Soumen DattaSoumen has been a crypto researcher since 2020 and holds a master’s in Physics. His writing and research has been published by publications such as CryptoSlate and DailyCoin, as well as BSCN. His areas of focus include Bitcoin, DeFi, and high-potential altcoins like Ethereum, Solana, XRP, and Chainlink. He combines analytical depth with journalistic clarity to deliver insights for both newcomers and seasoned crypto readers.













