Inside sources have told Reuters that the Cybersecurity and Infrastructure Security Agency (CISA) is actively using Anthropic’s Mythos to uncover internal security vulnerabilities, despite a standing national security ban on the use of the company’s products.
This is not the first report of a federal government agency continuing to use Mythos after the ban went into effect in April; there have now been multiple reports of the National Security Agency (NSA) making use of it as well. These reports come from anonymous inside sources and have not been confirmed publicly, but they come at a time when organizations increasingly see scanning with Mythos and its modern AI peers to be a new requirement for keeping up with vulnerability remediation.
CISA hacking exercise team reportedly testing with Mythos
One inside source says that the CISA Attack Surface Evaluation team is using Mythos to scan government software for security vulnerabilities. This team performs digital security assessments as well as penetration testing and other active hacking exercises for other federal government agencies. The sources did not provide a detailed account of what agencies the team has been auditing or exactly what scope of work has been done with Mythos thus far, but did say that a “large number” of security vulnerabilities had already been uncovered and that code repositories maintained by the government are a central focus of the work.
The relationship between Anthropic and the US government became contentious in February, when the company announced that it would not allow its products to be used by any government for either domestic surveillance purposes or as a guide for autonomous weapons. That triggered a furious response from President Trump, followed by a “supply chain risk” designation for the company from the Pentagon to start the month of March. This designation forbids use of Anthropic products by federal agencies or some tens of thousands of their private contractors that work on defense-related projects, though impacted groups were given six months to phase out their use of the AI products.
However, the private testing of Mythos that began in April seems to have softened the US government’s view of the situation. Mythos quickly impressed the limited set of organizations that were granted early access to the “Preview” version with its ability to not only quickly locate security vulnerabilities, but find deeply buried issues that had been in place for a decade or more without prior detection. There were media reports from inside sources as early as April that the NSA was continuing to use Mythos for scanning in spite of the ban, continuing into June of this year.
Anthropic has yet to publicly comment about any federal use of its products during the ban period. Reuters reporters indicated they had contacted a CISA representative in June about the reports of agency use of Mythos, but the representative never followed up.
Fable launches with strong guardrails, but automated AI scanning for security vulnerabilities seems inevitable
Transparency is becoming more critical than ever, as the first wave of these “frontier” AI models has become available to the general public within the past two weeks. As Bronwen Aker (AI Research & Strategy Analyst at Black Hills Information Security) observes, the government’s seeming schizophrenia on the status of Anthropic and its level of access to federal systems is not a helpful early signal in this area:
“The federal government can’t seem to decide what it thinks about AI in general, or Mythos, in particular. One week Anthropic is a supply-chain risk, the next week CISA is handing Mythos the keys to scan federal code for vulnerabilities. That inconsistency would be bad enough to start with, but because it’s not clear what Mythos is actually scanning, it’s much, much worse. Is this government-written code, or software built by third-party contractors and vendors? In-house bugs are one problem. Vendor bugs running across federal systems are a supply chain problem, and the public has a right to know which one this is.”
Anthropic’s initial public rollout of Mythos, called “Fable,” was almost immediately put back on the shelf by the US government. Released in early June, the Trump administration wasted little time in demanding that access be cut off to foreign entities; this prompted a global shutdown that lasted until near the end of the month.
Fable has yet to make the sort of huge cybersecurity ripples that were predicted from Mythos, as it is a “limited” release throttled with extra guardrails meant to prevent abuse of it to exploit security vulnerabilities. OpenAI has also just released its GPT-5.6 Sol, thought to potentially have similar capabilities; the company has announced similar stringent guardrails that restrict the model’s ability to reason and to only honor requests for aid with legitimate defensive cybersecurity work.
Last month, the Trump administration issued an executive order directing the creation of a framework by which to hold comparably powerful AI models back from release for up to 30 days until they have been through a government review. The development of that framework is still in progress, however, and the executive order indicates it will be voluntary for developers.
Ensar Seker, CISO at SOCRadar, notes that regardless of these developer limitations organizations must now assume that similarly capable tools are being used to probe them for security vulnerabilities. AI guardrails, after all, have famously been jailbroken over and over since ChatGPT launched in 2022: “The broader implication is that the vulnerability discovery race is accelerating. The same AI capabilities helping defenders identify weaknesses are also becoming available to sophisticated threat actors. Governments and enterprises should assume both sides are using increasingly capable AI systems and adjust their remediation timelines accordingly. Finding vulnerabilities faster only improves security if organizations can also fix them faster.”

