Anthropic Mythos vulnerability sparks CISA probe

- Anthropic did not announce a new CISA probe today. The real news is broader fallout from Claude Mythos Preview and Project Glasswing’s restricted rollout.
- Anthropic says Mythos can find and exploit zero-days in every major operating system and browser, while over 40 infrastructure groups got access.
- That matters because agentic security AI is moving into real networks before governance, access rules, and defensive controls look settled.

Anthropic’s Mythos story is not really “a model had a bug.” It’s bigger than that. Mythos is a cyber-focused frontier model that Anthropic says can find and exploit serious software flaws, and the company is keeping it tightly controlled while handing access to a selected set of defenders. But the gap is obvious now — these systems are arriving faster than the rules for who gets them, how they are monitored, and what happens when access leaks or capabilities outrun oversight. (red.anthropic.com)

### What actually happened?

The clean version is this: I could not verify the specific claim that CISA opened a new probe today into an Anthropic “Mythos vulnerability,” or that Anthropic and CISA launched Project Glasswing today in response to a newly disclosed exploit. What is real is that Anthropic launched Project Glasswing in April 2026, CISA has been discussing Anthropic’s Mythos Previe(red.anthropic.com) has also been investigating claims of unauthorized access to an internal Mythos-related system. (anthropic.com)

### What is Mythos?

Mythos Preview is Anthropic’s most cyber-capable model so far. The company’s own technical material says the model can reverse-engineer exploits on closed-source software and turn known-but-unpatched vulnerabilities into working exploits. Anthropic also says the model identified zero-days across every major operating system and web browser during testing. That is why the company is not releasing it broadly. (red.anthropic.com)

### So what is Project Glasswing?

Project Glasswing is the defensive wrapper around that capability. Anthropic says it is giving Mythos Preview to a limited group of launch partners — including AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, Palo Alto Networks, and the Linux Foundation — plus more than 40 additional organizations that maintain critical soft(red.anthropic.com)he model to find and fix dangerous flaws before attackers do. (anthropic.com)

### Why are people talking about governance?

Because access control is now the story. If a model is powerful enough to accelerate vulnerability discovery, then the main risk is not just model behavior in a lab. It is who can use it, what they can point it at, what logs exist, and whether executives can see that risk in time. CISA’s recent guidance on agentic AI security points in exactly that direct(anthropic.com)afer deployment patterns around autonomous systems. (cisa.gov)

### Why does restricted rollout create tension?

Because selective access creates winners and laggards. Reporting this week says operational-technology providers are frustrated they were left out of the initial Mythos rollout, even though critical infrastructure is a prime hacking target. Another report makes the same point globally — countries and sectors without access may simply be more exposed while a small club gets a defensive head start. (nextgov.com)

### Is this about one exploit?

Not really. The deeper issue is capability management. Anthropic is framing Mythos as a defensive tool, but the same capability that helps a blue team find a flaw can help an attacker weaponize it faster. That dual-use problem is the whole ballgame here. (red([nextgov.com)arked a confirmed new CISA probe today.” I could not verify that. The stronger, truer version is that Anthropic has introduced a cyber model powerful enough to force a live argument about controlled access, public-private coordination, and whether companies have any serious governance layer for agentic security AI yet. (anthropic.com)