Claude Mythos broke into classified US systems in hours; What’s safe now?

When the Associated Press reported that an unidentified US government official told them that Anthropic’s Claude Mythos found cracks at the highest levels of sensitive US government computer systems in a matter of hours, instead of weeks as expected, it’s time to ask the big question: If the most hardened systems in the world can’t withstand this model, what can?

Do other governments and crypto projects even stand a chance? 

And apparently, this unidentified government official may not be the only person privy to the full capacity of Anthropic’s latest frontier models. During a congressional hearing earlier in the month, Senator Mark Warner of Virginia, citing NSA chief General Joshua Rudd, called it bluntly: “This tool broke into almost all of our classified systems, not in weeks, but in hours.”

Has Mythos broken into classified US systems? 

The unidentified US official cited by AP clarified that while Mythos found weaknesses within hours, the model did not exactly exploit them in the same timeframe. That distinction, at least, counts for something. 

The US has been testing its defense and intelligence systems against Anthropic’s models’ capabilities as part of Project Glasswing, a restricted cybersecurity program meant to find and patch software flaws before bad actors can exploit them. 

As Cryptopolitan reported at the time, Anthropic first broke the internet by disclosing that Mythos Preview autonomously uncovered thousands of zero-day vulnerabilities across every major operating system and web browser. 

The holy grail at the time was the flaw it uncovered in OpenBSD, an operating system built specifically around security. That vulnerability had gone undetected for 27 years across several rounds of human review. 

The 16-year-old bug it found in FFmpeg, a video processing library used across the software industry, had been tested five million times before Mythos looked at it.

Separately in its own testing program, the UK’s AI Security Institute found that Mythos could breach defenses and systems 73% of the time, according to the BBC.

AI has overtaken the quantum threat to crypto 

The quantum threat has been consistently propped up as the dominant threat to crypto and decentralized systems. However, AI models have launched a strong bid to rearrange the pecking order, especially as the quantum threat remains on an unspecified timeline. 

It was Mythos that discovered a critical vulnerability that had gone undetected in Zcash’s Orchard shielded pool for four years in early June. It was also the model that the project turned to for an independent audit when it patched it, Cryptopolitan reported, but that was after ZEC had already crashed 53%.

The confidence around Bitcoin comes from over a decade of going over the top with adversarial reviews and deliberately holding off on tinkering with core code. However, OpenBSD operates under the same philosophy, and Mythos still found flaws. 

Cryptopolitan reported earlier in the week that Q2 2026 is already on pace to be a record quarter for hacks, and that explosion is not unconnected to the accessibility of AI tools for bad actors.

Washington can’t decide what to do

The US government’s response to Mythos has been contradictory. On one hand, intelligence agencies partnered with Anthropic through Glasswing to use the model defensively. On the other hand, the Commerce Department ordered Anthropic on June 12 to suspend exports of Mythos 5 and Fable 5 to all foreign nationals.

The Pentagon designated Anthropic a “supply chain risk” in March, the first time a US company received that label. Anthropic sued. A federal judge blocked enforcement. Then President Trump said on June 19 that he no longer considers Anthropic a national security threat, two days after meeting CEO Dario Amodei at the G7 summit, according to Cryptopolitan’s earlier reporting.

The export controls remain in place. So does the Pentagon designation. The government is simultaneously treating Mythos as a critical defensive asset and an uncontrollable offensive weapon, with policy swinging between the two positions week by week.

What comes next?

The immediate question is access. Anthropic wanted to expand Mythos availability from roughly 50 organizations to 120. The White House blocked the expansion, citing both national security and concerns about Anthropic’s compute capacity to serve the government and additional clients simultaneously.

For crypto, the calculus is simpler and more urgent. Every protocol now operates in a world where AI models can find decades-old bugs in the most scrutinized codebases on the planet. Zcash got a clean Mythos audit. Most projects have not been tested at all.