The US Cybersecurity and Infrastructure Security Agency is using Anthropic’s Mythos artificial intelligence model to scan government software for security flaws, Reuters reported, citing three people familiar with the matter.
The development points to growing adoption of Anthropic’s AI tools across US security agencies, even as the company continues to navigate a strained relationship with the White House and the Pentagon.
CISA is using Mythos to examine government code repositories for vulnerabilities that could be exploited by foreign intelligence agencies and cybercriminals, according to the Reuters report.
The audits are being carried out by CISA’s Attack Surface Evaluation team, one of the people said. The unit conducts cybersecurity assessments and simulated hacking exercises across US government agencies.
Two people familiar with the work told Reuters that the audits had already uncovered a large number of vulnerabilities. However, they did not provide details on the severity of the flaws, the agencies affected or how much government software had been reviewed.
A CISA representative had said last month that he would check whether the agency had anything to share on the matter, but did not respond to subsequent emails, the report added.
The use of Mythos comes amid Anthropic’s complicated relationship with the US government. The AI startup, which has confidentially filed for a US initial public offering, faced a major confrontation with the administration in February after it refused to remove safeguards restricting the use of its models for autonomous weapons and domestic surveillance.
The Pentagon subsequently designated Anthropic as a formal supply-chain risk, a classification that had previously been used largely against foreign companies suspected of enabling espionage.
A US judge blocked the designation in March. Tensions have since eased following the private release of Mythos, which has been described as highly capable of identifying and exploiting cybersecurity vulnerabilities.
The National Security Agency has also been using Mythos since at least April, Axios previously reported. The New York Times later reported that NSA analysts had tested the model in classified environments and were impressed by its capabilities.
The relationship came under pressure again after Anthropic released a public version of Mythos called Fable, which included cybersecurity safeguards.
The White House subsequently directed Anthropic to prevent foreign nationals from accessing the model. The demand led to a global shutdown of Fable, which was lifted only last week.
Anthropic, Mythos AI, CISA, US cybersecurity, government software audit, AI code scanning, cybersecurity vulnerabilities, Attack Surface Evaluation, government code repositories, cyber defence, foreign cyber threats, autonomous weapons, domestic surveillance, Pentagon, NSA, Fable AI, White House, Anthropic IPO, artificial intelligence#cyber #agency #CISA #Anthropics #Mythos #audit #government #software1783404725












