Parts of NSA lose Mythos 5 access amid Anthropic supply chain dispute

Parts of the National Security Agency have lost access to Anthropic’s Mythos 5 model following a recent Trump administration export control action against the company, though the agency may still retain more limited ways to use the technology, according to two people familiar with the matter.

Some analysts were notified Friday that they would lose access to Mythos, one of the people said. The agency may still be able to use earlier versions of the technology under prior arrangements, even if access to company support, updates or modifications is now more limited, said the second person. Both were granted anonymity to speak freely about the situation.

The change could disrupt at least some NSA work involving one of the most closely watched AI tools in government, where officials, both in the defense and civilian enterprise, have been testing whether advanced models can help identify software weaknesses in their systems.

The access issues stem from the administration’s decision this month to impose export controls on Anthropic, citing national security concerns, which forced the company to pull back the release of its most advanced models, including Mythos 5 and Fable 5. The decision has raised questions about how U.S. cyber agencies will continue using the technology.

This month, Virginia Sen. Mark Warner, the top Democrat on the Senate Intelligence Committee, said NSA Director Gen. Joshua Rudd had told him that Mythos “broke into almost all of our classified systems, not in weeks, but in hours.” The comment, later cited in a report by The Economist, set off a wave of online speculation that the latest AI systems were already far more disruptive to cybersecurity than previously understood.

The Economist’s defense editor later posted on X that a U.S. official told him Warner had misunderstood Rudd’s comments and that the specific Mythos work was part of a red-teaming effort to test the security of internal networks. Red-teaming efforts are controlled security exercises in which authorized testers try to break into or stress-test systems so an organization can find and fix weaknesses before real attackers exploit them.

The post, citing the official, added that the agency’s red teams no longer have access to Mythos because their authority to use it came through Project Glasswing, launched in April as an effort to give select security researchers and organizations early access to Mythos Preview, a model the company said showed capabilities that could reshape cybersecurity. 

The company later expanded the program to roughly 150 organizations in more than 15 countries, including critical infrastructure operators and cyber defenders, after weeks of work with government, industry and open-source software partners.

Following the Economist post, the New York Times reported details about the NSA losing access to the model.

On Monday, the Five Eyes intelligence alliance warned that frontier AI models could sharply change the cyber threat landscape within months, not years, by helping attackers and defenders move faster.