Published: June 05, 2026, 00:55 UTC
The Financial Times reported Thursday that Anthropic has embedded roughly half a dozen forward-deployed engineers inside the National Security Agency to help deploy its most powerful AI model, Mythos, for offensive cyber operations. It is the first known instance of a frontier AI company placing personnel within a US intelligence agency for this purpose.
The development takes a relationship that has long been suspected into an operational reality. Mythos, which Anthropic describes as “by far the most powerful AI we have ever developed,” is now being used to scan for vulnerabilities, conduct penetration testing, and execute offensive cyber operations from inside the NSA’s networks. The engineers are there to customize deployment, guide use, and ensure the model works effectively within the agency’s infrastructure (Financial Times; Axios).
What Mythos can do
Mythos has demonstrated the ability to autonomously discover and exploit zero-day vulnerabilities across every major operating system and web browser. In weeks of testing, it found thousands of high-severity vulnerabilities, including a 27-year-old bug in OpenBSD, a 16-year-old flaw in FFmpeg, and 271 security vulnerabilities in Firefox that Mozilla addressed within two weeks of disclosure (Anthropic; Calif.io).
The UK AI Security Institute ranked Mythos first in its cyber range testing in April, with Claude Opus 4.6 in second place and GPT-5.4 and GPT-5.3 Codex tied for third (UK AISI). Time-to-exploit for known vulnerabilities collapsed to under one day.
Anthropic launched Mythos as part of Project Glasswing on April 7, 2026, with $100 million in model usage credits. The model was not publicly released; the company deemed it too dangerous for general availability. Founding partners included AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, Nvidia, and Palo Alto Networks. Access has since expanded to 150 organizations across 15 countries (TechCrunch).
The Pentagon blacklist paradox
The NSA deployment creates a striking contradiction. On February 27, 2026, Defense Secretary Pete Hegseth designated Anthropic a “supply chain risk,” effectively blacklisting the company after a dispute over AI safeguards. Anthropic had refused to remove guardrails against mass surveillance and autonomous weapons use. The Pentagon ordered all federal agencies to cease using Anthropic products.
The NSA, which falls under the Pentagon’s organizational umbrella, has been using Mythos anyway. White House Chief of Staff Susie Wiles personally authorized the intelligence agency to continue deploying the model, according to the Financial Times. The White House has also approved a classified $9 billion request for spy agency AI chips, and Anthropic is finalizing a classified contract for ongoing NSA access (NYT).
The situation underscores how operational necessity can override official policy when the technology is perceived as strategically critical. A federal judge called Hegseth’s original directive “troubling” in March, suggesting it could cripple Anthropic’s business. The White House drafted guidance in late April to circumvent the supply chain risk designation entirely (Axios).
Timeline to deployment
The path from laboratory to NSA networks moved fast. Mythos was developed in early 2026, with its existence leaked through draft blog posts on March 26. Official launch came on April 7. By April 19, Axios reported that the NSA was using the model despite the Pentagon ban. The June 4 FT report confirmed that Anthropic engineers were physically embedded at the agency.
Financial regulators globally took notice. The Federal Reserve, European Central Bank, Bank of England, and Bank of Canada all convened emergency meetings after the April 7 launch, assessing the systemic risk Mythos could pose to financial infrastructure if used offensively. The US Treasury sought its own access to the model on April 14 (TechCrunch).
What this means
Having a frontier AI company’s employees embedded inside an intelligence agency for offensive cyber operations creates a new category of government-industry relationship. The NSA gains direct access to Anthropic’s most advanced model and the expertise to wield it effectively. Anthropic gains a powerful customer and, potentially, a degree of influence over how its technology is used.
But it also raises unresolved questions. Who decides the rules of engagement for an AI that can find thousands of zero-days faster than any human team? What oversight exists when the same model is simultaneously deployed to 150 other organizations, including critical infrastructure operators in 15 countries? And how does a company that refused to remove guardrails against mass surveillance reconcile embedding engineers at an agency whose mission includes signals intelligence at global scale?
The Mythos-NSA arrangement is likely to become a template, for better or worse, for how frontier AI integrates with national security infrastructure. The capability is too valuable to ignore. The questions it raises are too significant to defer.
Sources: Financial Times (June 4); Axios (April 19); TechCrunch (April 20); New York Times (May 22); Anthropic (April 7); UK AI Security Institute (April 13)