Assessment of vulnerabilities in US classified systems using artificial intelligence

During the second half of June 2026, as part of an authorised cybersecurity assessment exercise carried out by US government agencies, it emerged that the Mythos artificial intelligence model had been used to analyse the security of classified systems. The aim of the exercise was to identify vulnerabilities in a controlled manner and to assess the ability of advanced AI to support security audit tasks.

Mythos is reported to have identified vulnerabilities in classified systems during an authorised red teaming exercise, completing this task within a matter of hours. The aim of the exercise was to assess the effectiveness of artificial intelligence tools in detecting security weaknesses before they could be exploited by malicious actors. There is no public evidence that the classified systems were compromised or that any sensitive information was leaked as a result of these tests. Nor is there any record of the NSA reporting a security breach arising from the exercise. 

The available information indicates that the tests were carried out in an authorised environment for the purposes of assessing capabilities and identifying vulnerabilities. Consequently, there have been no official reports of systems affected by an attack, of data being compromised, or of an investigation into a security breach; the incident described has been publicly characterised as an activity aimed at assessing and strengthening security.