Anthropic, the company the US government once branded a national-security risk, is now reportedly helping the National Security Agency use a secretive AI system called Claude Mythos for cyber operations. That odd arrangement, described by Financial Times sources, says as much about Washington’s appetite for AI-powered hacking as it does about the messy state of its relationship with one of the sector’s best-known model makers.
The reported Claude Mythos use also highlights a broader split in US policy: one part of the government is treating Anthropic as a security risk, while another appears to value its models for cyber work. In the fast-moving world of cyber conflict, where a newly found flaw can be burned in hours rather than months, a model that can sift through code and surface vulnerabilities has obvious appeal – even if the politics around it are, politely, a mess.
What Claude Mythos is doing for the NSA
According to the report, Anthropic engineers have spent recent months inside NSA units helping tune Mythos for specialized work. Officially, that sounds like defensive cybersecurity: scanning software, spotting weak points in operating systems, browsers, and network infrastructure. Unofficially, the same capabilities are exactly what offensive teams want when they are hunting for exploitable holes in foreign networks.
That dual use is the real story here. AI that helps defenders also helps attackers, and the line between the two gets thinner every time a model is asked to automate reconnaissance. The NSA, like other intelligence agencies, has every incentive to move faster than human analysts alone can manage.
The $200 million deal that fell apart
The tension between Anthropic and the US government reportedly escalated earlier this year, when the White House discussed a government contract worth about $200 million. One of the conditions, sources said, was relaxing the model’s built-in limits and widening the range of permitted use cases. Anthropic pushed back hard.
Chief executive Dario Amodei has publicly said the company does not support AI for mass surveillance or fully autonomous weapons. That position may sound principled, but it also creates a familiar Silicon Valley problem: selling powerful systems to governments while insisting the sharpest edges stay sheathed. Governments tend to hate that sort of selective restraint.
Why Washington still wants Anthropic’s models
By March 2026, the relationship had deteriorated enough that US authorities added Anthropic to a list of companies facing restrictions with some government bodies. The Pentagon later told the company it had been judged a ”supply chain risk” for national security purposes, and the contract was terminated, with work shifted to rivals. Yet if the NSA is still leaning on Mythos, it suggests one part of the bureaucracy is not fully convinced by the blacklist theater.
There is precedent for this kind of split-screen policy. In Washington, one agency’s prohibited vendor is often another agency’s indispensable contractor, especially when a new technology looks strategically too useful to ignore. With US-China tech competition intensifying, that instinct only gets stronger: first block, then borrow, then argue about it in court.
Anthropic is challenging the government’s actions, saying its constitutional rights were violated. The state says national security comes first. The next question is whether this reported NSA use becomes an isolated workaround or the first sign that federal policy toward frontier AI is quietly being rewritten by operational need.