The company that made "AI safety" its brand just proved it can't keep its most dangerous model safe.
The Summary
- Unauthorized users accessed Claude Mythos the same day Anthropic announced its controlled rollout to select companies, according to Bloomberg.
- CISA, America's central cybersecurity coordinator, was excluded from Mythos Preview access while Commerce and NSA got in.
- Anthropic spent weeks arguing Mythos was too dangerous for public release due to its cybersecurity capabilities, then immediately lost control of distribution.
The Signal
Anthropic built its reputation on being the responsible AI company. The one that thinks hard about safety while OpenAI ships fast and breaks things. That brand just took a beating it won't recover from quickly.
Claude Mythos leaked before it was officially announced, so Anthropic pivoted to a "controlled rollout" story. The pitch: this model is so good at finding security vulnerabilities that we can only trust it with select partners. Then, on announcement day, unauthorized users already had access. Anthropic says it's investigating, which is corporate speak for "we don't know how this happened and we're scrambling."
The irony is thick enough to choke on. You're selling a cybersecurity AI while demonstrating you can't secure your own systems. Every enterprise security officer watching this is taking notes, and not the kind Anthropic wants.
"The company that made AI safety its brand just proved it can't keep its most dangerous model safe."
But the CISA exclusion adds a layer of absurdity that almost feels intentional. The Cybersecurity and Infrastructure Security Agency didn't get Mythos Preview access, but Commerce and NSA did. CISA is literally the agency responsible for coordinating federal cybersecurity. They're the ones who would deploy a tool like Mythos across civilian infrastructure.
Meanwhile, the Trump administration is negotiating broader federal access, which suggests this wasn't a technical decision. It was political. Someone decided the spy agency and the trade department were more important than the people protecting the power grid and water systems.
The Implication
If you're building security tools on frontier AI models, this is your warning shot. The models are moving faster than the organizations deploying them can secure. Anthropic isn't incompetent. They're well-funded, safety-focused, and they still couldn't control distribution of their most sensitive release.
For federal buyers, watch how CISA access plays out. If the central cybersecurity agency gets iced out of the best defensive tools because of political priorities, that's a structural problem that no amount of AI capability can fix. The agent economy doesn't matter if the infrastructure it runs on is full of holes and the people meant to patch them don't have the tools.