[Photo: Shutterstock]

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is using Anthropic's AI model Mythos to audit government software, Reuters reported recently, citing three sources.

CISA is scanning government code repositories with Mythos to find bugs that foreign spies or cybercriminals could exploit, the officials said. Anthropic did not respond to questions about the project. A CISA official said last month they would check whether there was anything to share, but did not respond to follow-up emails.

"This scanning work is being carried out by CISA's Attack Surface Assessment Team," one official said. The team is an internal CISA organization responsible for digital security assessments across the government and hacking drills. Two officials said many vulnerabilities have already been uncovered in the audit, but did not explain in detail. Reuters said it could not confirm the scale of the government code the team reviewed, or the nature or severity of the bugs found.

Anthropic has maintained an uneasy relationship with the U.S. government. In February, after Anthropic refused to remove safeguards designed to prevent AI from being used for autonomous weapons or domestic surveillance, the Defense Department tagged Anthropic with an official supply chain risk designation. The measure had previously been applied only to foreign firms suspected of helping espionage activity.

The blacklisting was halted by a court decision in March. After that, tensions eased somewhat as Anthropic's AI model Mythos, known to be highly capable at finding and exploiting cybersecurity vulnerabilities, was distributed privately.

Against that backdrop, Axios reported that the U.S. National Security Agency (NSA) has used Mythos since April despite the blacklisting.

Keyword

#CISA #Anthropic #Mythos #NSA #Axios
Copyright © DigitalToday. All rights reserved. Unauthorized reproduction and redistribution are prohibited.