Jul 6, 2026 · 10:14 PM
Subscribe
Home Ai

CISA Is Using Anthropic's Mythos to Audit Government Code Despite the Ban

Reuters reports CISA's Attack Surface Evaluation team is running Anthropic's Mythos against government code for vulnerabilities, months after the Pentagon blacklisted the company entirely. Meanwhile Alibaba just banned Claude Code in China over alleged tracking code, in the middle of its own distillation fight with Anthropic.

Elroy Fernandes
· 4 min read · 70 views
CISA Is Using Anthropic's Mythos to Audit Government Code Despite the Ban

The same government that ordered every federal agency to stop using Anthropic's AI in February is now running its Claude-based Mythos tool against sensitive government code, while China's Alibaba just banned the same company's coding tool for the opposite reason.

CISA's Attack Surface Evaluation team, the unit that runs digital security assessments and hacking exercises across the federal government, is scanning government code repositories with Anthropic's Mythos looking for bugs that could let in foreign spies and cybercriminals. Reuters reported the arrangement on July 6, citing sources briefed on the effort. Two of those sources said the audits have already turned up a large number of vulnerabilities, though they wouldn't say how many or where.

That's a strange sentence to write about a company the Pentagon spent months trying to banish. Frankly, it tells you more about how Washington actually works than any press release does.

Mythos itself isn't a hypothetical. Anthropic's own published assessment of the Mythos Preview model found it capable of discovering vulnerabilities that had survived decades of human led review across every major operating system and web browser, then building working exploits without a person guiding it. SecurityWeek reported the tool flagged more than 23,000 potential vulnerabilities across upwards of 1,000 open source projects. Independent security firms have reviewed 1,900 of those findings so far and confirmed 1,726, more than 1,000 of them rated high or critical severity.

That's not a demo. That's a body of confirmed bugs sitting in code other people rely on.

Access to the tool has been messy inside government itself. Axios reported in April that CISA had no access to Mythos at all and was, in the outlet's words, last in line among federal agencies. The National Security Agency, according to Reuters, had already been running it by then, despite the same blacklist that was supposed to keep every agency away from Anthropic entirely.

The blacklist traces back to July 2025, when Anthropic, Google, OpenAI and xAI each signed contracts worth up to $200 million with the Pentagon, and Claude became the first frontier model cleared for classified networks. The Pentagon later tried to renegotiate, pushing Anthropic to drop the acceptable use policy provisions that barred Claude from fully autonomous weapons systems and mass domestic surveillance of Americans. Anthropic wouldn't budge. Negotiations collapsed at a deadline the Pentagon set for 5:01 p.m. on February 27, and Defense Secretary Pete Hegseth designated Anthropic a supply chain risk under the Federal Acquisition Supply Chain Security Act. President Trump ordered agencies to cut ties, and the General Services Administration pulled Anthropic from USAi.gov and its governmentwide contracting schedule days later.

Anthropic sued. A judge blocked the designation in March, according to CNN, but an appeals court sided with the Pentagon in April, according to CNBC, leaving the blacklist standing even as the NSA and now CISA keep using the tool anyway.

Rules on paper. Exceptions in practice.

If anything, the ban seems to have helped Anthropic more than it hurt. Claude became the top free app on Apple's US chart the day after Trump's order, and by late June the government had quietly re-authorized a version of Mythos for a short list of trusted organizations, even as it kept OpenAI's rival model on a similarly restricted footing.

Beijing has its own version of this fight

Alibaba is running the same script from the opposite direction. The company told employees it would ban Claude Code starting July 10, according to TechCrunch and CNBC, after developers discovered code that checked a user's time zone and proxy settings to flag whether they were connecting from China. Anthropic called the mechanism an anti-abuse experiment and said it removed it on July 1. The ban lands amid a separate dispute in which Anthropic has accused Alibaba of running a distillation attack, extracting Claude's capabilities to train Alibaba's own models.

Washington blacklisted Anthropic and still lets its own security teams run Mythos against government code. Beijing is doing the reverse: banning Claude Code for employees while Anthropic accuses Alibaba of stealing from it. Same company, same season, two governments pulling in opposite directions.

Also read: Anthropic's AI ban is over, but the lawsuit over it is notChip stocks are roaring back, but Nvidia is sitting this rally outAnthropic locks up power in Kentucky with a 20-year, 19 billion dollar TeraWulf lease

TOPICS
Elroy is a digital marketer and developer from Goa, with over a decade of experience web development and marketing. He has been associated with several startups and serves currently as an Editor to the Asia Pacific Industrial magazine. He occasionally writes on Startup Fortune about technology and automation.
Related Articles
More posts →
Loading next article…
You're all caught up