Anthropic Briefed the White House on a Model That Can Hack Every Major Operating System
Co-founder Jack Clark confirmed the company briefed the Trump administration on Claude Mythos Preview, a model that autonomously found vulnerabilities in every major OS and browser, even as Anthropic sues the Pentagon over AI restrictions.
Anthropic co-founder Jack Clark confirmed on Sunday that the company briefed the Trump administration on Claude Mythos Preview, a frontier AI model capable of autonomously finding and exploiting security vulnerabilities in every major operating system and web browser. The disclosure came while Anthropic is simultaneously suing the Department of Defense.
"Our position is the government has to know about this stuff. So absolutely, we talk to them about Mythos, and we'll talk to them about the next models as well."
Clark made the remarks at the Semafor World Economy summit, where he dismissed Anthropic's open legal battle with the Pentagon as "a narrow contracting dispute" that shouldn't "get in the way of the fact that we care deeply about national security."
What Mythos Can Do
Claude Mythos Preview, announced April 7, represents a dramatic leap in AI-driven cybersecurity capabilities. According to Anthropic's own testing:
- The model identified vulnerabilities in every major operating system and web browser
- On Mozilla Firefox's JavaScript engine, Mythos developed 181 working exploits compared to just 2 from its predecessor, Claude Opus 4.6 -- a 90x improvement
- It discovered a 27-year-old remote denial-of-service bug in OpenBSD and a 16-year-old FFmpeg vulnerability that years of automated fuzzing had missed
- It independently built a 4-vulnerability browser exploit chain combining JIT heap sprays with sandbox escapes
- Over 1,000 critical-severity vulnerabilities identified, with human triagers agreeing with severity assessments 89% of the time
The UK's AI Safety Institute independently confirmed the capability jump. On a custom 32-step corporate network attack simulation -- designed to take skilled humans 20 hours -- Mythos solved it end-to-end in 3 out of 10 attempts. No previous model had completed it. On expert-level capture-the-flag challenges, the model hit a 73% success rate on problems no AI had previously solved.
Anthropic says the capabilities weren't deliberately trained. They emerged from general improvements in code reasoning and autonomy.
"What we saw made us realize: the next time we train a really big model, we should expect it to have these capabilities sort of inherent to it, rather than ones that we need to elicit."
Suing the Pentagon, Briefing the White House
The White House briefing adds a new dimension to what has become the highest-profile clash between an AI company and the U.S. government.
The conflict began when negotiations to renew Anthropic's DOD contract collapsed over two red lines: Anthropic refused to allow its models to be used for mass surveillance of American citizens or for fully autonomous weapons. The Pentagon wanted access to Claude for "all lawful purposes" and wouldn't accept restrictions from a private company.
In response, the DOD designated Anthropic a supply chain risk in early March -- the first time an American company had received the label, a designation historically reserved for foreign adversaries like Huawei. Anthropic sued in both California and Washington, D.C., arguing the designation was retaliation for its AI safety positions.
A California federal judge blocked the designation indefinitely, finding it "ran roughshod" over Anthropic's constitutional rights. But a D.C. appeals court declined to block it, leaving the legal picture unresolved.
Clark's confirmation that Anthropic is still engaging directly with the White House on its most powerful model suggests the company is trying to maintain government access through civilian channels even as the military door closes.
Project Glasswing
Rather than release Mythos to the public, Anthropic launched Project Glasswing, committing up to $100 million in API credits and $4 million in direct donations to open-source security organizations including the Linux Foundation and the Apache Software Foundation.
Twelve launch partners received access to use the model for defensive vulnerability discovery: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks. Over 40 additional organizations focused on critical software infrastructure also received access.
Reports indicate that Trump administration officials have been encouraging major banks -- including JPMorgan Chase, Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley -- to test Mythos, adding a commercial dimension to the national security conversation.
The Clock
Clark's most pointed warning went beyond the current dispute. Open-source models with equivalent capabilities, he said, are coming -- and they'll come from China.
"This is not a special model. There will be other systems just like this in a few months from other companies, and then a year to a year and a half later, there'll be open-weight models from China that have these capabilities."
Over 99% of the vulnerabilities Mythos has discovered remain unpatched.