Anthropic's Mythos: The AI That Cracked NSA Systems
On Thursday, Commerce Secretary Howard Lutnick sent Anthropic a letter allowing the company to restore access to its most capable AI model for more than 100 U.S. companies and government agencies. Two weeks earlier, those same organizations had lost access entirely.
The two weeks of downtime trace back to a Senate Banking Committee hearing, a controlled cybersecurity test, and a government directive that Anthropic chose to interpret as broadly as possible. Here is the full sequence.
Two Claude models, two very different rules
Anthropic unveiled Claude Mythos 5 in April 2026. The model excels at identifying software vulnerabilities: not just summarizing code or writing documentation, but finding exploitable flaws in complex systems. That capability made it interesting to defense contractors, intelligence agencies, and major financial institutions.
The Claude model most people use is not Mythos 5. In early June, Anthropic released Claude Fable 5, a version with safeguards that block responses in high-risk areas, primarily cybersecurity and biology. Fable 5 is the broadly-available commercial product. Mythos 5 is the version with those safeguards partially lifted, controlled more tightly from the start.
The distinction matters because the government has been treating these two models differently, and is still treating them differently.
What happened when Mythos met the NSA
Before the restrictions, Anthropic ran a controlled test with U.S. intelligence agencies through an initiative called Project Glasswing. The concept was straightforward: let Mythos probe government systems for vulnerabilities, under authorization, and see what it found.
Senator Mark Warner disclosed the results at a June 11 Senate Banking Committee hearing, attributing the finding to Gen. Joshua Rudd, head of the National Security Agency and U.S. Cyber Command: "This tool broke into almost all of our classified systems, not in weeks but in hours."
Worth being precise about: that claim has not been confirmed by any government agency. The test results are classified, and Gen. Rudd has not confirmed the quote on the record. But the Warner disclosure was enough to move policy quickly.
The shutdown
Within two days of the June 11 hearing, the Trump administration issued a directive requiring Anthropic to prevent foreign nationals from using both Fable 5 and Mythos 5, citing national security authorities.
Anthropic's response: total shutdown. Rather than build a nationality-verification system or restrict access at the account level, the company disabled both models for all customers. U.S. organizations with international employees lost access, and Anthropic's own non-American staff could not use the models they were building.
That choice (total shutdown over partial compliance) was the most conservative reading of the directive. Whether it was also the most legally defensible is a separate question Anthropic has not addressed publicly.
The Lutnick letter and what it actually restores
According to TechCrunch reporting, Lutnick's letter states that "a license will no longer be required to export, reexport, or in-country transfer...the Claude Mythos 5 Model to entities identified in Annex A to this letter and their foreign national employees." Anthropic's own non-American employees are also cleared.
The approved list covers more than 100 organizations focused on critical infrastructure and defense. The administration has not published that list.
Fable 5 is not addressed in Lutnick's letter. Negotiations between Anthropic and the administration on broader access are reportedly continuing.
There is also a separate issue the letter does not touch. The Department of Defense has, per reporting from multiple outlets, designated Anthropic a supply chain risk. That label requires defense contractors to certify they will not use Anthropic's Claude models in their military work. That designation came through different legal machinery than the export control directive, and whether Thursday's letter changes it is not clear.
Planning around a model that can go dark
If your organization is on Annex A, Mythos 5 access is restored. If you do not know whether you are on the list, that is a real problem: the administration has not published it, which creates planning uncertainty for organizations trying to evaluate their AI dependencies.
The larger lesson from the past two weeks is about the nature of Anthropic's regulatory position. The White House's request to delay OpenAI's GPT-5.6 release was an informal ask about a timeline. This was mandatory compliance with a national security directive. The mechanisms are different, and so are the enterprise risk implications.
An organization with critical workflows on Claude Mythos 5 now knows access can go to zero in under two weeks, with no advance notice, no published appeal process, and no certainty about when or whether it returns. That is a material risk factor for teams making long-term AI infrastructure decisions.
The June analysis on Mythos and critical infrastructure put the structural tension clearly: an AI that is good at finding vulnerabilities is also, by construction, capable of helping exploit them. The government's current answer is to manage that tension through access control rather than technical restriction. The approved-list approach can work if the list is accurate and stays current. Both of those assumptions deserve scrutiny.
Stay current on AI and chatbots. Subscribe to the About.chat newsletter for weekly coverage.