White House Moves to Give Federal Agencies Access to Mythos AI

The Trump administration is preparing controlled federal deployment of Anthropic’s most powerful model, reshaping cybersecurity expectations and rattling equity markets.

Key Takeaways

• The White House OMB has circulated a memo outlining safeguards for federal agency access to Anthropic’s Mythos AI, reversing a Pentagon move weeks earlier to restrict the company’s technology on supply-chain grounds.
• Mythos Preview autonomously identified thousands of previously unknown software vulnerabilities, achieving an 83.1% CyberGym benchmark score and triggering sharp equity declines across enterprise software and cybersecurity stocks.
• Anthropic has restricted Mythos to a curated partner consortium while negotiating controlled government access, positioning itself as a national security asset and deliberate gatekeeper of its most sensitive capabilities.

A Carefully Managed Opening

An internal email circulated this week by the White House Office of Management and Budget has set in motion what could become the most consequential deployment of artificial intelligence in the federal government’s history. Gregory Barbaccia, the federal chief information officer, informed officials across Cabinet departments that the administration is establishing safeguards to permit major agencies to use a modified version of Anthropic’s Mythos, the San Francisco company’s most advanced model. The memo, subject-lined “Mythos Model Access,” committed to no firm timeline, but its signal was unambiguous: Washington intends to harness a technology it has simultaneously treated with caution and recognised as strategically indispensable.

The timing is notable. Just weeks ago, the Pentagon moved to restrict federal use of Anthropic’s models, citing supply-chain risks, a decision that prompted legal pushback from the company and quiet workarounds from agencies already eager to test the system. That the White House is now preparing to expand access, however carefully, reflects a rapid recalibration driven less by changed politics than by the capabilities Mythos itself has demonstrated.

What Mythos Actually Does

Unveiled on April 7 as the engine behind Project Glasswing, Anthropic’s initiative to secure critical software infrastructure, Mythos Preview arrived with a technical record that reframed the AI conversation in Washington and on Wall Street almost simultaneously. The model had autonomously identified thousands of high-severity vulnerabilities across every major operating system, leading web browsers, and a range of foundational codebases. Among its documented findings: a 27-year-old flaw in OpenBSD capable of triggering remote crashes, a 16-year-old bug in FFmpeg that had survived millions of automated tests, and complex exploit chains buried in the Linux kernel.

On the CyberGym benchmark, Mythos Preview reproduced known vulnerabilities at an 83.1 percent success rate, compared with 66.6 percent for its predecessor, Claude Opus 4.6. That 16-point gap represents not an incremental improvement but a categorical shift in what automated systems can find, and what adversaries could theoretically do with equivalent tools.

Anthropic chose not to release Mythos publicly. Instead, it limited access to a curated consortium that includes Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Microsoft, NVIDIA, Palo Alto Networks, the Linux Foundation, and more than 40 other organisations responsible for critical software. It committed up to $100 million in usage credits and $4 million in direct donations to open-source security efforts. More pointedly, it confirmed active discussions with US government officials about the model’s offensive and defensive cyber capabilities, framing Mythos not as a product awaiting a market but as a national-security instrument requiring careful stewardship.

The Strategic Logic Behind Controlled Access

Anthropic’s restrained rollout was not defensive posturing. It was a considered position rooted in the recognition that frontier AI has crossed a threshold where its capabilities pose genuine dual-use risks. Jack Clark, the company’s co-founder and head of public benefit, confirmed that Anthropic briefed the administration directly, stating plainly that “the government has to know about this stuff.” The White House responded in kind, reiterating that it “continues to work and engage with AI companies to ensure their models help secure critical software vulnerabilities.”

Our position is the government has to know about this stuff, and we have to find new ways for the government to partner with a private sector that is making things that are truly revolutionizing the economy, but are going to have aspects to them which hit National Security, equities, and other ones.

The prospective government version of Mythos would presumably include air-gapping, layered oversight mechanisms, and strict usage restrictions. The OMB memo acknowledged the tension at the centre of that effort: the same capabilities that make Mythos Preview valuable for defenders could, if compromised or misused, “sharply increase cybersecurity risk.” That sentence alone captures why controlled federal access is both necessary and inherently difficult to get right. Harnessing a dual-use tool without hardening the environment around it would simply transfer risk rather than reduce it.

Market Signals and the Wider Software Disruption

Capital markets registered the implications of Mythos before Washington had fully processed them. On April 9, two days after the Project Glasswing announcement, shares of major software and cybersecurity companies fell sharply. Palantir, ServiceNow, and Intuit each declined between six and eight percent in a single session, ranking among the steepest decliners in the S&P 500 on a day when broader indices advanced. Salesforce dropped three percent, the worst performance in the Dow. Cybersecurity names including CrowdStrike, Palo Alto Networks, Zscaler, and SentinelOne saw losses ranging from six to eleven percent.

The sell-off was not a standalone event. It formed part of a broader re-rating that had already erased roughly two trillion dollars in enterprise software market value earlier in the year, as successive AI releases raised pointed questions about the durability of incumbent business models. Mythos crystallised two interlocking concerns for investors: that legacy codebases contain far more exploitable weaknesses than previously assumed, now visible to machines capable of acting on them at scale, and that the economic advantages protecting established software vendors may be narrower than their valuations had implied.

For Anthropic, the commercial trajectory runs in the opposite direction. Having closed a $30 billion Series G round in February at a $380 billion post-money valuation, the company has since fielded investor interest at figures reportedly exceeding $800 billion, with annualised revenue said to be approaching $30 billion. The gap between those numbers and the public market distress in enterprise software is one of the defining asymmetries of the current technology cycle.

The Stakes of Federal Integration

For federal agencies, the defensive case for Mythos is substantial. Treasury, the Commerce Department’s Center for AI Standards and Innovation, and defence-adjacent bodies have all expressed interest in using the model for vulnerability hunting and cyber hardening. In an environment where state-sponsored actors from China, Iran, North Korea, and Russia routinely probe American infrastructure, the ability to surface and patch decades-old flaws before adversaries exploit them represents a genuine operational advantage.

The harder question is whether the guardrails the OMB is building will hold under operational conditions. Controlled access is a starting point, not a guarantee. The implementation details, still forthcoming, will determine whether the federal deployment of Mythos becomes a model for responsible AI integration in government or an object lesson in the limits of safeguard frameworks when applied to tools of this power.

What the White House memo has already established, without equivocation, is that the administration views Mythos as an instrument the federal government cannot afford to ignore. That judgement is correct. Frontier AI is no longer a laboratory phenomenon; it is an operational reality with measurable consequences for software markets, national security, and the balance of cyber power. The question now is not whether to engage it, but whether the architecture around that engagement proves equal to the task.