Anthropic’s Mythos AI Model Reportedly Broke Into NSA Classified Systems During Test
9 min. read 
Published on
Anthropic’s Claude Mythos 5 model reportedly broke into almost all classified systems tested by the National Security Agency and U.S. Cyber Command within hours during an authorized red-team evaluation, according to a report from The Economist.
The claim came through Senator Mark Warner, vice chair of the Senate Intelligence Committee, who reportedly said that General Joshua Rudd told him Mythos “broke into almost all of our classified systems, not in weeks, but in hours.” Rudd is the current head of both the NSA and U.S. Cyber Command, according to his official NSA biography.
Access content across the globe at the highest speed rate.
70% of our readers choose Private Internet Access
70% of our readers choose ExpressVPN
Browse the web from multiple devices with industry-standard security protocols.
Faster dedicated servers for specific actions (currently at summer discounts)
The reported test has added a new layer of urgency to the U.S. government’s decision to restrict access to Anthropic’s most advanced models. Anthropic confirmed in a June 12 company statement that the U.S. government issued an export-control directive covering Fable 5 and Mythos 5.
What Anthropic Confirmed
Anthropic said the directive required it to suspend access to Fable 5 and Mythos 5 for any foreign national, whether inside or outside the United States. That also included foreign-national employees at Anthropic itself.
The company said it had to disable both models for all customers because it could not guarantee compliance with the directive in any other way. Anthropic also said access to its other models was not affected.
In its original Claude Fable 5 and Claude Mythos 5 launch post, Anthropic described Mythos 5 as the same underlying model as Fable 5, but with safeguards lifted in some cybersecurity areas for a small group of cyber defenders and infrastructure providers.
Reported NSA Test Versus Anthropic’s Explanation
| Issue | Reported claim | Confirmed public information |
|---|---|---|
| NSA systems test | Mythos reportedly broke into almost all classified systems tested within hours. | No U.S. government agency has issued a full public technical confirmation. |
| Source of the claim | The claim was reported through Senator Mark Warner’s account of what General Joshua Rudd told him. | Rudd officially leads both the NSA and U.S. Cyber Command. |
| Government action | The reported incident appears to have intensified concern around the models. | Anthropic confirmed a government directive limiting access by foreign nationals. |
| Anthropic’s position | The company disputes the scale and rationale behind the shutdown. | Anthropic says the cited issue involved a narrow Fable 5 jailbreak involving known, minor vulnerabilities. |
The distinction matters. A successful authorized penetration test does not mean Mythos independently attacked government systems in the wild. It means the model may have been used inside a controlled evaluation to identify or exploit weaknesses under government supervision.
That still raises major national-security questions. If an AI model can dramatically reduce the time needed to find and exploit vulnerabilities in sensitive networks, the same capability could help defenders patch systems faster or help adversaries move faster if access controls fail.
The Verge reported that the dispute between Anthropic and the Trump administration centered on whether Fable 5 and Mythos 5 were uniquely dangerous, or whether similar cyber capabilities already existed in other frontier models.
Why Fable 5 and Mythos 5 Were Restricted
Anthropic said it received the government directive at 5:21 p.m. ET on June 12. The company said the letter did not provide specific details of the national-security concern.
According to Anthropic, its understanding was that the government had become aware of a method to bypass, or jailbreak, Fable 5. The company said it reviewed a demonstration of that technique and found that it identified a small number of known, minor vulnerabilities.
The company also argued in its public response that other publicly available models could identify the same issues without needing the same bypass. Anthropic said applying this standard across the industry could effectively halt new frontier model deployments.
What Makes Mythos Different
Mythos 5 was not a regular public chatbot model. Anthropic said it was initially available only through Project Glasswing for selected cyber defenders and infrastructure providers, with some cybersecurity safeguards lifted.
The launch announcement said Fable 5 and Mythos 5 shared the same underlying model, but differed in safeguards and access rules. Fable 5 was designed for broader use, while Mythos 5 was intended for trusted cybersecurity use cases.
That setup created a difficult policy problem. A model powerful enough to help defenders secure critical systems may also become dangerous if adversaries gain access to it, especially if it can assist with vulnerability discovery, exploit chaining, or automated intrusion work.
Key Events in the Anthropic Mythos Dispute
| Date | Event | Why it matters |
|---|---|---|
| June 9, 2026 | Anthropic announced Claude Fable 5 and Claude Mythos 5. | The company framed the models as major advances for cyber defense and other advanced work. |
| June 11, 2026 | Senator Warner reportedly described Rudd’s account of the Mythos red-team result. | The claim placed Mythos at the center of a national-security debate. |
| June 12, 2026 | The U.S. government issued an export-control directive to Anthropic. | Anthropic said it had to disable Fable 5 and Mythos 5 for all customers. |
| After June 12, 2026 | Anthropic began negotiations with the U.S. government. | The company has argued that the restrictions are disproportionate and difficult to enforce. |
The government action also appears to mark a notable policy shift. Instead of focusing only on advanced chips or cloud infrastructure, the directive targeted access to specific AI models.
That raises practical questions about enforcement. AI models can be accessed through employees, contractors, cloud providers, enterprise accounts, and API integrations. Blocking all foreign-national access creates compliance challenges for global companies.
The official NSA leadership page says Rudd assumed his role as commander of U.S. Cyber Command and director of the NSA on March 20, 2026. His reported warning about Mythos therefore came less than three months into his tenure.
Anthropic Disputes the Government’s Rationale
Anthropic has not accepted the government’s reasoning as proportionate. The company says the issue shown to the government was narrow and did not amount to a broad universal jailbreak.
The company also says it had tested Fable extensively before launch with government partners, the UK AI Security Institute, private third parties, and internal red teams. It said those tests showed strong safeguards compared with previously deployed models.
According to Verge reporting, Anthropic and its supporters argued that comparable cybersecurity capabilities exist in other models, including OpenAI’s GPT-5.5. That argument could complicate any attempt to restrict only Anthropic’s models.
Why the Report Matters for AI Security
The reported Mythos test points to a bigger issue than one company or one model. Frontier AI systems are becoming more useful for both software engineering and offensive security tasks.
For defenders, that could shorten the time needed to audit large codebases, find known vulnerability patterns, and patch weaknesses across critical systems. For attackers, the same capabilities could accelerate discovery, planning, and exploitation.
- Government agencies may need stricter testing before giving AI models access to sensitive environments.
- AI companies may face new controls based on model capability, not only hardware exports.
- Cyber defenders may need secure access programs for high-capability models.
- Enterprises may need policies for using AI agents in internal networks and codebases.
- Regulators may need a clearer standard for when a model becomes a national-security concern.
What Remains Unclear
Several key details remain unknown. Public reporting has not established which systems were part of the test, what level of access Mythos received, which tools or prompts were used, or whether the model exploited live systems, test replicas, or controlled evaluation environments.
It is also unclear whether the reported NSA result directly caused the export-control directive or whether it was one of several concerns. Anthropic has said the directive did not give detailed reasons, while reporting around the dispute has also referenced jailbreak concerns, Amazon red-team findings, and foreign access worries.
The Economist report helped turn the Mythos episode into a broader debate about whether governments can control frontier AI capabilities once they begin to overlap with cyber offense and intelligence work.
The Bigger Policy Question
For now, the safest way to describe the case is that Mythos reportedly showed exceptional cyber capability during an authorized government evaluation, while Anthropic has confirmed only the export-control order and disputed the government’s stated rationale.
The episode may become a precedent for how the United States treats advanced AI models that can assist with cybersecurity, vulnerability research, or offensive cyber operations.
If future systems continue to improve, regulators may face the same dilemma again: restrict access to the most capable tools, or provide trusted defenders with access before adversaries develop or obtain similar capabilities elsewhere.
FAQ
The claim is reported, not officially confirmed in detail. The Economist reported that Senator Mark Warner said NSA and U.S. Cyber Command chief General Joshua Rudd told him Mythos broke into almost all classified systems tested within hours. Public information does not yet explain the test environment, access level, or technical method.
Fable 5 and Mythos 5 are advanced Anthropic AI models built on the same underlying model. Anthropic described Mythos 5 as a trusted-access version with some cybersecurity safeguards lifted for selected cyber defenders and infrastructure providers.
Anthropic said the U.S. government issued an export-control directive requiring it to suspend access to Fable 5 and Mythos 5 for any foreign national. The company said it disabled both models for all customers to ensure compliance.
No public evidence shows that Mythos acted independently in the wild. The reported incident appears to involve an authorized red-team or evaluation setting. That means the model was likely tested under controlled conditions, not carrying out an unsupervised attack on real government systems.
The case is important because it shows how frontier AI models may become powerful enough to affect national-security policy. It also suggests that future export controls may target AI model access directly, not only chips or computing hardware.
Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more
Improve this guide
User forum
0 messages