“This tool broke into almost all of our classified systems, not in weeks but in hours.” Those words came from Gen. Joshua Rudd of the NSA and U.S. Cyber Command, relayed by Sen. Mark Warner at a Senate Banking Committee hearing, according to CNBC. The tool: Anthropic’s unreleased Claude Mythos Preview, directed at highly sensitive government networks during a sanctioned testing exercise with U.S. intelligence agencies. The broader context of AI infrastructure investment — including the Stargate Project — makes clear how rapidly these capabilities are scaling.
An anonymous U.S. official confirmed to the Associated Press that Mythos rapidly identified vulnerabilities in “highly sensitive and secure” government systems. The official added a critical nuance: discovering weaknesses quickly does not mean exploiting them in the same timeframe. That distinction matters more than the headline suggests. This was a controlled, directed exercise — not an AI operating unsupervised inside Pentagon servers.
Still, the documented capabilities are sobering:
- Thousands of previously unknown zero-day vulnerabilities found across every major operating system and browser
- Working exploits produced on the first attempt in over 83% of cases, per ArmorCode’s analysis of Anthropic data
- A 27-year-old OpenBSD bug and a 16-year-old FFmpeg flaw uncovered — both missed by decades of automated tools and human review
- The UK AI Safety Institute confirmed Mythos can autonomously attack small, weakly defended enterprise systems once it has network access
The Skeleton Key Problem
Anthropic built a coalition to deploy Mythos defensively — because the alternative is letting equivalent capabilities emerge elsewhere without guardrails.
Anthropic has not released Mythos publicly. Instead, Project Glasswing channels access through vetted partners — AWS, Apple, Google, Microsoft, NVIDIA, CrowdStrike, JPMorgan Chase, and roughly 40 other organizations maintaining critical global software. Together, they’ve surfaced more than 10,000 high- or critical-severity flaws across their codebases. Crucially, Anthropic says those cyber capabilities weren’t specifically engineered into Mythos. They emerged as a side effect of raw capability improvements — an emergent property, not a designed feature.
Cloudflare CSO Grant Bourzikas called Mythos “a real step forward” for attacker-style capabilities, according to Politico. That same power, aimed defensively, patches vulnerabilities before adversaries find them. For a sense of how AI-powered websites are already reshaping productivity on the constructive side, the contrast is instructive. Aimed elsewhere, it hands nation-states a skeleton key to your infrastructure — and your infrastructure means everyone’s.
The governance vacuum is now the central problem. Your software stack, your bank’s systems, the grid powering your city — all of them potentially carry bugs that Mythos can find faster than any human team. Readers alarmed by these risks may find sobering historical context in documented tech scandals that exploited millions before accountability caught up. The real question isn’t whether AI can identify weaknesses in classified systems. That test delivered its answer in hours. The question is whether the institutions responsible for securing those systems — and the policies governing tools like Mythos — can move faster than the models designed to expose them. Concerns about digital overreach extend beyond AI capabilities alone; a recent report found the White House app secretly tracking users every four minutes, underscoring how government digital security failures cut in multiple directions.
