CISA Deploys Anthropic’s Mythos AI to Detect Vulnerabilities in Government Code

iconCryptoBriefing
Share
AI summary iconSummary

The US government’s top cybersecurity agency is now running one of the most powerful AI models ever built against its own code. The Cybersecurity and Infrastructure Security Agency has obtained full access to Anthropic’s Mythos Preview model, putting machine learning to work on the decidedly unglamorous but critical task of finding security holes in government computer systems.

From excluded to all-access

When Anthropic first briefed the agency and the Commerce Department on the model’s capabilities back in April 2026, CISA was notably left out of the initial access cohort. That first group included roughly 50 organizations, and CISA wasn’t among them.

Advertisement

By mid-June 2026, CISA had secured full access to the model under Anthropic’s Project Glasswing initiative, a broader program designed to enhance code analysis across critical infrastructure and government sectors. Project Glasswing had just expanded in early June to approximately 150 additional partner organizations spanning more than 15 countries. CISA’s inclusion came shortly after that expansion.

What Mythos actually does

During testing exercises with intelligence agencies, the Mythos model reportedly uncovered vulnerabilities in classified systems within hours. The traditional timeline for that kind of work? Weeks, at minimum.

No specific metrics on CISA’s internal deployment results have been disclosed yet. But the fact that the agency moved from being excluded in April to demanding full access by June tells its own story about what preliminary testing revealed.

The bigger picture for Anthropic and AI security

Anthropic is navigating real complexity here. Using AI for both offensive and defensive cybersecurity raises questions that don’t have clean answers. Export controls on advanced AI models remain a live policy debate. Military applications hover at the edge of every government AI deployment.

The expansion of Project Glasswing to over 15 countries adds another layer. International partners gaining access to the same model that audits US government code creates shared capability, but also shared risk.

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.