Skip to content
AI SecurityAnthropicDual Use

Anthropic Mythos and the AI Dual-Use Problem

4 min read
Share

Anthropic Mythos and the AI Dual-Use Problem

For six weeks in June 2026, the US government effectively blocked Anthropic from releasing its most capable model. Last week, Commerce Secretary Howard Lutnick cleared Mythos 5 for a restricted release to a small group of trusted cyber defenders and critical infrastructure providers. The less powerful Fable model was not cleared.

This is the first time a commercial AI model has been put through something resembling an export-style security review, and it is worth understanding what happened and why.

Why the government was worried

Anthropic had warned officials that Mythos is exceptionally capable at finding software vulnerabilities. Not in a theoretical sense: the model can analyze production code and identify exploitable flaws at a speed and depth that materially changes the economics of vulnerability research. A skilled offensive security team might take weeks to find a critical flaw in a complex codebase. A competent operator with Mythos access might take hours.

That capability cuts both ways. It accelerates defensive security research. It also accelerates attack development. The government's concern was that releasing Mythos broadly would give adversaries a significant capability uplift before defenders had time to adopt the same tools.

How the government responded

The Commerce Department imposed what amounted to an export restriction on Mythos. Anthropic could not release it to general availability. The restriction lasted about six weeks, during which Anthropic worked with government agencies to define a framework for controlled release.

The result is Project Glasswing: Mythos 5 is available to a curated list of cyber defenders, critical infrastructure operators, and open-source security developers. The explicit goal is to let defenders use the model to secure important systems before equivalent capabilities become broadly available. The implicit bet is that the timing window between restricted and general availability is enough for defenders to make meaningful progress.

Why this matters beyond Anthropic

The Mythos review establishes a precedent. For the first time, a US government agency reviewed a commercial AI model for dual-use security risk and imposed conditional restrictions on its release. This is a different kind of AI governance than content policy or bias review. It is closer to how governments have historically managed dual-use technologies in cryptography and certain types of software.

A few implications worth tracking.

The review creates a template. If Mythos required a security review, future models with similar or greater capabilities will likely face the same process. AI labs will need to anticipate this and build government engagement into their release timelines.

The defender window is real but temporary. Project Glasswing's value proposition is a head start. That head start lasts only as long as comparable models are not available from other sources. Chinese AI labs, European researchers, and open-source projects are all on trajectories toward similar capability levels. The window may be months, not years.

Access asymmetry is the new attack surface. If Mythos is available to a curated defender list but not broadly, organizations outside that list face a capability gap. A hospital or a mid-size utility may have no path to Mythos access but may still face adversaries who find equivalent capability elsewhere.

What to do with this information

If your organization is in critical infrastructure, energy, finance, or healthcare, it is worth understanding whether you qualify for the Project Glasswing program. Anthropic has not published a full list of qualifying criteria, but the stated priorities are cyber defenders and critical infrastructure operators.

If you are a security practitioner thinking about AI-assisted vulnerability research in general: the competitive dynamic here is real. Organizations that build internal capability for AI-assisted code review and vulnerability analysis now will be better positioned than those that wait. The time to start is before the window closes, not after.

Gigia Tsiklauri is a Security Architect and founder of Infosec.ge. Get in touch if your organization is assessing AI security tool adoption or dual-use AI risk for your environment.

Related articles