Anthropic announced that its latest AI model, Claude Mythos Preview, can uncover vulnerabilities across major operating systems and web browsers. The company has begun sharing limited access with a handful of U.S. government agencies, but the Cybersecurity and Infrastructure Security Agency (CISA) appears to be left out.

According to a report from Axios, the Department of Commerce and the National Security Agency are already testing the tool. Anthropic said it is in "ongoing discussions" with officials about the model’s offensive and defensive capabilities, and an unnamed company representative confirmed that CISA was briefed on the technology. The firm declined to comment further, and CISA did not immediately respond to a request for comment.

CISA, housed within the Department of Homeland Security, serves as the nation’s central coordinator for cybersecurity information. Its mandate includes helping state and local officials protect elections, public utilities, and other critical infrastructure from cyber threats. The agency’s exclusion from Mythos Preview raises eyebrows, especially given Anthropic’s claim that the tool finds security issues "in every major operating system and web browser."

Since the Trump administration returned to office, CISA has faced a series of constraints. The Department of Government Efficiency’s cost‑cutting measures trimmed the agency’s workforce, and some staff were reassigned to immigration‑related duties under DHS. An acting director told Congress that resources for detecting hacks were already limited amid a DHS shutdown, and the administration is reportedly seeking to shave hundreds of millions of dollars from CISA’s budget.

These fiscal pressures compound political attacks on the agency. After CISA declared the 2020 election the "most secure in American history," President Donald Trump and congressional Republicans launched a campaign against the organization, culminating in the dismissal of its former leader.

Anthropic’s strategy, as explained by its frontier red‑team cyber lead Newton Cheng, is to grant restricted access to the tool so key institutions can get a "head start" on cyber defenses. Yet for now, CISA appears to be missing that opportunity. Critics argue that an agency tasked with protecting critical infrastructure should be among the first to test any technology that promises to expose systemic weaknesses.

The situation underscores a broader tension between emerging AI security solutions and the bureaucratic realities of federal agencies. While private firms rush to commercialize advanced tools, government bodies must navigate budgetary limits, staffing shortages, and political scrutiny. Whether CISA will eventually gain access to Mythos Preview—or whether the agency’s role will be further marginalized—remains uncertain.

Used: News Factory APP - news discovery and automation - ChatGPT for Business