CISA is reportedly using Anthropic’s AI model Mythos to audit federal software and code repositories for security flaws, with the work led by the agency’s Attack Surface Evaluation team. According to Reuters, the initiative is intended to find and fix weaknesses in internal government systems before they can be exploited by foreign intelligence services or cybercriminals, and early use of the model has already uncovered a large number of vulnerabilities.
Officials have not disclosed which agencies or systems were scanned, the scope of the effort, or the severity of the findings. Reporting also indicates the NSA has experimented with or used Mythos in classified environments, underscoring broader U.S. government adoption of AI-assisted vulnerability discovery even as Anthropic’s government ties continue to draw policy and oversight scrutiny around safeguards, surveillance, weapons use, and model access restrictions.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
3 events from the most recent confirmed update back to the earliest known activity.
Security Affairs, citing Reuters, reported that the NSA had been using Anthropic's Mythos AI model since at least April. Testing reportedly found the model highly effective at identifying and exploiting weaknesses in sensitive government systems.
Sources cited by Reuters said the CISA initiative has already identified a large number of vulnerabilities in government software. No details were provided on the severity of the flaws or which systems were affected.
Reuters reported that CISA's Attack Surface Evaluation team is using Anthropic's Mythos AI model to audit federal government software systems and code repositories for vulnerabilities before they can be exploited. The scope of the scanning and the affected agencies or systems were not disclosed.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
5 references tracked. Mallory keeps watching after this page renders.
securityaffairs.com
Open sourcecybersecuritynews.com
Open sourcesecurityweek.com
Open sourceteiss.co.uk
Open sourcewhbl.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.