Anthropic’s Mythos AI Reportedly Cracked Almost All NSA Classified Systems in Hours
- Linux Kernel Removes strncpy After Six Years and 362 Patches
- Linux Kernel Drops 40-Year-Old AppleTalk Protocol — AI-Generated Patch Flood Was the Last Straw
- Apple’s Native Linux Container Tool Has Arrived — But Can It Really Replace Docker?
- 60% of MD5 Password Hashes Can Be Cracked in Under an Hour with a Single GPU
- Dirty Frag: Root Access on Every Major Linux Distribution — No Patch, No Warning
Anthropic’s Mythos AI Reportedly Cracked Almost All NSA Classified Systems in Hours — Triggering an Unprecedented US Government Shutdown
The US Commerce Department ordered Anthropic to pull its two most powerful AI models offline in June 2026, in what is now understood to be the first time export controls have ever been applied directly to an AI model — not chips, not code, but a model itself.
On June 12, 2026, at 5:21 p.m. Eastern Time, a letter arrived at Anthropic’s offices from the US Department of Commerce. It cited national security authorities and carried a single, sweeping instruction: immediately bar every foreign national — including Anthropic’s own non-citizen employees — from accessing the company’s two most powerful AI models, Fable 5 and Mythos 5.
Unable to selectively filter users by nationality at scale in real time, Anthropic made the only decision it legally could: it disabled both models for every user on earth. No prior warning, no court order, no detailed explanation of what, exactly, the government feared.
Ten days later, a Senate briefing finally provided the answer — and the implications shook the technology and intelligence communities alike.
What the NSA Director Reportedly Told Congress
According to reporting by The Economist, Senator Mark Warner — the vice-chair of the Senate Intelligence Committee — disclosed that General Joshua Rudd, who simultaneously leads the NSA and the Pentagon’s Cyber Command, briefed him directly on a startling outcome.
Broke into almost all of our classified systems, not in weeks, but in hours.
— Gen. Joshua Rudd (NSA Director), as quoted by Sen. Mark Warner, June 11, 2026
The statement, which Warner made public on June 11 — one day before the Commerce Department’s directive landed — has not been formally confirmed by any government agency, and the full classified details remain undisclosed. Nonetheless, it has rapidly become the most widely cited explanation for why the administration moved so quickly and so broadly.
Unverified claim: The NSA breach account has not been publicly confirmed by any US government agency. No official documentation of the alleged red-team test results has been released. The NSA, Department of Defense, and White House have declined to formally corroborate Sen. Warner’s account. Anthropic disputes the characterization of the breach and has described the government’s cited jailbreak as narrow and non-universal.
The Red-Team Exercise at the Heart of the Affair
The alleged breach did not happen through a hostile attack. It occurred on June 11, 2026, during an authorized internal red-team evaluation — a controlled security exercise in which the NSA permitted Mythos to probe its own classified infrastructure for vulnerabilities. The purpose was to understand the model’s capabilities before wider government deployment.
By all accounts, the results exceeded anything anticipated. The model reportedly identified weaknesses and gained access across nearly every classified system targeted — completing in a matter of hours what human operators or earlier-generation tools would have taken weeks or months to accomplish, if they succeeded at all.
Notably, the NSA had already been using a restricted version of Mythos — called Mythos Preview — for legitimate cyber operations since early June, with approximately six Anthropic engineers embedded on-site to support the deployment. The model had been tasked primarily with finding vulnerabilities in widely used Microsoft software. Early results had demonstrated the ability to uncover security flaws faster than human analysts could.
The Commerce Department Directive: A Historic First
The letter that arrived on June 12 was issued under the Export Controls Reform Act of 2018, which governs dual-use civilian technologies with potential military applications. Commerce Secretary Howard Lutnick signed the order, citing concerns that the models could be diverted to foreign military or intelligence services.
The directive covered all foreign nationals — a category so broad that it included Anthropic’s own non-citizen research staff. Reportedly, this swept up prominent researchers including Andrej Karpathy, one of Anthropic’s most respected AI scientists, who holds non-US citizenship.
The scope made selective compliance impossible. Verifying every user’s nationality in real time across dozens of global cloud platforms — AWS Bedrock, Google Cloud, Microsoft Foundry, Snowflake, and the direct Claude API — was not technically feasible in the hours available. Anthropic executed a universal shutdown. Both models went dark globally.
Crucially, this marked the first time the United States has applied export controls directly to an AI model rather than to the chips or hardware powering it — establishing a regulatory precedent with profound implications for the global AI industry.
A Timeline of Events
Anthropic introduces Mythos Preview to ~200 vetted partners under Project Glasswing, deeming it too sensitive for public release. Amazon, Apple, Google, Microsoft, Nvidia, JPMorgan, and others are among participants. The model surfaces thousands of zero-day vulnerabilities, including a 27-year-old flaw in OpenBSD.
The NSA begins operating Mythos Preview on classified networks for cybersecurity tasks. Six Anthropic engineers work on-site to support the deployment. Separately, the DoD had already classified Anthropic as a “supply chain risk” as of March 2026 and pursued legal action — while simultaneously relying on Anthropic’s technology.
President Trump signs an executive order calling on AI laboratories to voluntarily share new models with the government before public release — a framework Anthropic did not follow when Fable 5 launched seven days later.
Anthropic launches Fable 5 and Mythos 5 publicly to widespread acclaim. Fable 5, built on the Mythos architecture, can run complex coding tasks autonomously for up to 20 minutes, catch its own logic errors, and deliver working software on the first attempt.
An authorized red-team exercise reportedly allows Mythos to probe NSA classified systems. The model allegedly penetrates nearly all of them within hours. Sen. Mark Warner receives a direct briefing from NSA Director Gen. Joshua Rudd about the results. Separately, Amazon researchers reportedly alert government officials to a potential jailbreak in Fable 5’s safeguards.
The Commerce Department issues a formal export control directive. Anthropic, unable to selectively filter users, disables Fable 5 and Mythos 5 globally within hours. All other Claude models remain unaffected.
The White House confirms President Trump eased national security concerns following a meeting with Anthropic CEO Dario Amodei at the G7 summit in Évian-les-Bains. Sen. Warner publicly discloses Gen. Rudd’s “hours, not weeks” account, which is reported by The Economist.
Fable 5 and Mythos 5 remain offline. Negotiations continue. Anthropic’s identity verification rollout — using passport and facial verification via Persona — is set for July 8, which may enable domestic US access to be restored without fully lifting the export control directive.
Anthropic’s Rebuttal: A Narrow Jailbreak, Not a Systemic Breach
Anthropic has pushed back strongly against the government’s characterization. In its official statement, the company said the jailbreak cited by the Commerce Department was narrow and non-universal — capable of unlocking Mythos’s cybersecurity capabilities only in one specific instance, not as a general bypass of Fable 5’s safeguards.
The company further argued that similar vulnerabilities exist in other publicly available models, including OpenAI’s GPT-5.5, which face no comparable export controls. “If this standard was applied across the industry,” Anthropic wrote, “we believe it would essentially halt all new model deployments for all frontier model providers.”
Former Facebook Chief Security Officer Alex Stamos, who reviewed the underlying research, backed Anthropic’s position, writing on X that “there were some valid findings but no unique capabilities that justify a reaction close to this.” Trump adviser David Sacks disagreed sharply, writing that it was “difficult to fathom how they could claim a jailbreak allowing operability of a cyber weapon could be defined as not serious.”
Regarding the NSA red-team story specifically, Anthropic has described the flagged behavior as the model being asked to analyze a codebase and fix identified issues — not an autonomous offensive intrusion. The company is preparing a collaborative risk management framework with the White House.
Allied Governments Left Without Warning
The directive’s reach extended far beyond US borders. Allied governments within the Five Eyes intelligence alliance — Australia, Britain, Canada, and New Zealand — were caught off guard, with permissions for government agencies, banks, and major firms revoked without prior warning.
Britain’s AI Security Institute, widely regarded as the world’s leading body for testing and stress-testing frontier AI models, was locked out of systems it was actively evaluating. The intelligence agencies of all five nations subsequently issued a rare joint statement warning that “frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities” — and that “the timeline is not years, it is months.”
Former British security minister Tom Tugendhat was blunt: “After a lesson this clear, every nation will be asking what they need to achieve sovereignty.”
What Comes Next
Anthropic has said it is “very confident” that Fable 5 and Mythos 5 will become available again in the coming days. Prediction markets assign a 57% probability to restoration before July 1, and 75% before July 17. The company’s July 8 identity verification rollout may provide the mechanism for the US government to allow domestic access while keeping foreign-national restrictions in place.
The bigger question is what this episode means for the industry as a whole. Europe is watching closely, concerned the same regulatory kill-switch could be applied to services running on Azure, AWS, or Google Cloud. Legal scholars have flagged that no formal guidance has been published, no public filing made, and no court order required — the government showed it can take a frontier AI model offline at will, on a Friday afternoon, without explanation.
Security analysts also question whether the ban is enforceable in practice. Former FBI cyber official Cynthia Kaiser noted that hackers on the black market are already purchasing American identities to access restricted AI models, alongside tools to circumvent safeguards.
Whether Mythos truly cracked NSA’s classified infrastructure in hours — or whether a narrower jailbreak was inflated by institutional alarm — the world has already received the message: commercial AI has reached a capability threshold that governments no longer feel comfortable leaving unregulated, and the rules are being written in real time.
