Pulse

Security / Jun 24, 2026 / 6 min

Officials Said Mythos Found Classified Bugs After Commerce Banned It

On June 23, U.S. officials confirmed Anthropic's Mythos model found vulnerabilities in classified government systems within hours — twelve days after Commerce forced the same model offline worldwide over a disputed jailbreak.

Thesis Washington's first frontier-AI kill switch did not neutralize a cyber weapon — it silenced the defensive tool U.S. intelligence agencies were using to find holes in classified networks.

Anthropic's Mythos model found vulnerabilities in classified U.S. government systems within hours during intelligence-agency testing — then Washington kept the same model offline for twelve days over a disputed jailbreak, as 126 cybersecurity leaders begged to turn the lights back on and a legal-tech startup sued to stop the shutdown.

What broke:

  • A U.S. official told The Associated Press on June 23 that Mythos identified vulnerabilities in highly sensitive government systems during tests with U.S. intelligence agencies through Project Glasswing — Anthropic's coalition with AWS, Apple, Cisco, Google, JPMorganChase, Microsoft, NVIDIA, and others to scan critical software.
  • The official said Mythos found flaws within hours — but did not exploit them in that window.
  • Sen. Mark Warner (D-VA) had previewed the results at a June 11 Senate Banking Committee hearing, citing NSA and U.S. Cyber Command chief Gen. Joshua Rudd: "This tool broke into almost all of our classified systems, not in weeks but in hours."

What Washington did instead:

  • On June 12, Commerce's Bureau of Industry and Security ordered Anthropic to block foreign nationals from accessing Fable 5 and Mythos 5 — including foreign nationals inside the United States.
  • Fable 5 had launched just three days earlier, on June 9, as a guardrailed public version of Mythos.
  • Anthropic disabled both models for all customers worldwide that evening, saying it had no way to verify user nationality in real time.
  • The government cited a potential jailbreak that could bypass Fable's cyber safeguards. Anthropic said it reviewed the demonstration and found only "minor, already-known bugs" — not a threat warranting a global recall.

The industry pushback:

  • More than 126 cybersecurity leaders signed an open letter to Commerce Secretary Howard Lutnick and National Cyber Director Sean Cairncross, hosted at freefable.org, asking Washington to lift the directive.
  • The letter — whose signatories include executives from Adobe, Google, NVIDIA, Sophos, Veracode, and Zoom — said Mythos models are "quite good" at finding flaws and weaponizing exploits, but "not uniquely good at these tasks."
  • It warned it is dangerous to take away cyber defense capabilities "without a good reason" when America's adversaries are rapidly advancing — and noted China's models are "only months behind" the best American ones.
  • Nozomi Networks CEO Edgard Capdevielle told SC Media: "This suspension weakens defenses. Restricting access to advanced AI does not reduce cyber risk. It creates a massive imbalance at the worst possible time."

The lawsuit:

  • On June 23, San Jose-based Legion LegalTech sued the U.S. government in Washington federal court, challenging the Commerce directive.
  • Legion builds drafting and case-management tools for attorneys and depends on Anthropic's models — including developers who are Canadian nationals working from Canada.
  • Reuters quoted the suit describing "immediate, irreparable and existential" harm and seeking to vacate the directive.
  • Anthropic is not a party to the litigation.

The Glasswing context:

  • Project Glasswing partners had already found more than 10,000 high- or critical-severity vulnerabilities in major operating systems, browsers, and infrastructure code — work Anthropic was expanding to roughly 150 additional organizations.
  • Anthropic formed the initiative because Mythos-class models can "surpass all but the most skilled humans" at finding and exploiting software vulnerabilities — and because that capability will proliferate whether or not defenders can use it.
  • The AP official said testing aimed to secure critical software from the "severe" fallout Mythos-class models could pose to public safety, national security, and the economy.

Why this matters now:

  • Policy incoherence: The same week Five Eyes warned cyber-AI timelines are measured in months, Washington kept offline the model U.S. intelligence agencies were using to stress-test classified networks.
  • Deemed-export overreach: The order applied export-control logic to a cloud API — forcing a global shutdown because Anthropic could not nationality-gate access in real time.
  • Enterprise exposure: Any company that embedded Fable 5 into workflows on June 9 lost access three days later — with no public written threat assessment and no transparent remediation path.
  • Precedent: Legion's suit is the first legal challenge to a frontier-model export ban — and the first test of whether Washington can treat AI access like semiconductor shipments.

Convina's view: Washington did not discover that Mythos is dangerous. Intelligence agencies already knew — they were using it to find holes in classified systems. The kill switch was triggered by a disputed jailbreak on the public Fable variant, then applied so bluntly it disabled the defensive program too. That is not security policy. It is security theater with a twelve-day body count in unpatched vulnerabilities — and every enterprise buyer now has to price the chance that their model vendor's biggest capability can vanish on a Friday evening phone call.

Research Signals

https://apnews.com/article/anthropic-mythos-ai-classified-systems-vulnerabilities-testing-3e8762c0527c4d8ed657cbe48c84a718 https://apnews.com/article/anthropic-trump-fable-mythos-tech-0a87a0f7773255419936af053ad8bdef https://www.anthropic.com/glasswing https://www.scworld.com/news/100-plus-cyber-leaders-experts-urge-feds-not-to-block-fable-access https://www.channelnewsasia.com/business/legal-tech-firm-sues-us-over-order-limiting-foreign-access-top-tier-anthropic-models-6204906 https://www.csis.org/analysis/department-commerce-restricted-access-anthropics-latest-models-what-comes-next