NSA Uses Mythos Even as Pentagon Blacklists Anthropic
NSA is running Anthropic's Mythos Preview while the Pentagon - its parent department - formally brands Anthropic a supply chain risk and fights in court to keep the company out of federal systems.
6 min read
The National Security Agency is one of the American institutions most dependent on offensive and defensive cyber capability. It also sits, organizationally, inside the Department of Defense. On Sunday, Axios reported that the NSA is quietly using Anthropic's Mythos Preview - the same model the Pentagon has formally classified as a supply chain risk and the same company the DOJ is trying to bar from federal systems.
The contradiction is now explicit: one arm of the Defense Department is running the model in production while another arm is in federal court arguing that using it endangers national security.
TL;DR
- Axios reported Sunday that the NSA is using Anthropic's Mythos Preview in production despite the Pentagon's February cutoff and March "supply chain risk" designation
- The NSA is administratively part of the Department of Defense - the same DoD that is suing to keep federal agencies off Anthropic's tools
- Mythos Preview was released to roughly 40 organizations under restricted access; only 12 were named publicly, and the NSA was not one of them
- The disclosure lands two days after Anthropic CEO Dario Amodei met Susie Wiles and Scott Bessent at the White House, with "next steps" reportedly focused on how non-Pentagon agencies can access the model
- Anthropic, the NSA, and the Department of Defense had not commented at time of publication; Reuters noted it "could not immediately verify the report"
What Axios reported
"The National Security Agency is using Anthropic's most powerful model yet, Mythos Preview, despite top officials at the Department of Defense - which oversees the NSA - insisting the company is a supply chain risk."
That is the core claim, sourced to Axios reporter Ashley Gold and republished by Reuters, Yahoo Finance, and a wire-service cohort on Sunday, April 19. The specifics matter:
- Mythos Preview is the cyber-capable model Anthropic released under restricted access in early April after it produced thousands of zero-days during internal testing
- Anthropic capped the initial rollout at roughly 40 organizations and only disclosed 12 of them. The NSA, per Axios, is one of the unnamed ones
- The model is reportedly "being used more widely within the department" - Axios does not specify which NSA directorates, but the agency's cyber-security mission and its SIGINT operations are the obvious use cases
- Anthropic is, at the same time, barred from Pentagon contracts but free to do business with the rest of the federal government while the court case continues
The stakeholder picture
The paradox now runs across three branches of government. Here is where each stakeholder sits as of today:
| Stakeholder | Position | Timeline |
|---|---|---|
| Pentagon (OSD) | Anthropic is a supply chain risk; no DoD use | Designated by Secretary Pete Hegseth in March 2026 |
| NSA (inside DoD) | Actively using Mythos Preview in production | Disclosed via Axios on April 19, 2026 |
| DOJ | Appealing to restore the blacklist at the Ninth Circuit | Appeal filed after Anthropic won a preliminary injunction |
| White House | Courting Anthropic; meetings ongoing | Wiles, Bessent, and Cairncross met Amodei on April 17 |
| Treasury and Fed | Encouraging banks to evaluate Mythos | Guidance issued early April |
| President Trump | "Who?" | Told a reporter April 17 he had "no idea" about the Anthropic meeting |
It is hard to find a parallel in recent procurement history. The same executive branch is arguing, on the record and in open court, that a vendor threatens national security - while that vendor's software is running on the classified-side infrastructure of the country's signals-intelligence agency.
Why the NSA needs it
The capability case
Mythos Preview is not a general-purpose chatbot. It is the model Anthropic built and hardened specifically for offensive-security workloads. Our review of the preview release covered the benchmark numbers: 83.1% on CyberGym versus 66.6% for Opus 4.6, 93.9% on SWE-bench Verified versus 80.8%, and a reported ability to rediscover bugs as old as a 27-year-old OpenBSD vulnerability in internal red-team exercises.
For an agency whose two halves do vulnerability research and network exploitation, that capability delta is not academic. Nobody inside the NSA is going to leave a tool with those numbers on the table because another part of the department has a procurement grievance. That is almost certainly how the agency is framing its decision internally.
The policy case
This is where it gets awkward. The Pentagon's written position is that Anthropic's refusal to remove its safety guardrails for military use makes the company unsuitable as a supplier. That position is now contradicted by the operational behavior of the largest three-letter agency inside the department. If the NSA's lawyers have signed off on using Mythos Preview in production, the supply-chain-risk designation is effectively a dead letter within the building where it was issued.
The political case
The Axios disclosure comes 48 hours after Amodei's White House meeting, and the timing is unlikely to be a coincidence. An administration source told Axios last week that "every agency" outside DoD wants Anthropic access. The NSA revelation turns that line into something sharper: the agency the Pentagon nominally controls was already doing what the rest of the government is now negotiating to do publicly.
What happens next
Three things are worth watching in the coming days:
- Whether the Pentagon acknowledges the NSA use. Hegseth's office has so far declined to comment. A public confirmation would make the supply-chain-risk designation untenable. A denial would put the NSA and the Office of the Secretary of Defense at direct odds on the record.
- Whether the DOJ's Ninth Circuit appeal survives. Federal courts generally take a dim view of executive-branch arguments that contradict executive-branch conduct. If government lawyers are arguing that using Anthropic threatens national security while an intelligence agency is using it to do national security, the appeal has a credibility problem.
- Whether Anthropic adds the NSA to its public disclosure. The company has so far kept the client list short, citing the cyber-sensitivity of the work. A Mythos-access list that omits the NSA has become harder to justify now that the omission is itself the story.
The broader pattern is now clear and worth naming plainly: the ban-and-deploy paradox that defined the Pentagon-Anthropic standoff has moved from anomaly to operating model. Different parts of the government will buy, use, and litigate against the same vendor simultaneously. Anthropic's legal team will spend the next several months arguing that this is fine. The Pentagon's position will be harder to defend than it was on Friday.
Sources:
- Axios - Scoop: NSA using Anthropic's Mythos despite Defense Department blacklist
- Yahoo Finance - US security agency is using Anthropic's Mythos despite blacklist, Axios reports
- TechTimes - NSA Now Uses Anthropic's Mythos Preview After Long Feud With Pentagon
- Rappler - US security agency is using Anthropic's Mythos despite blacklist
- Axios - Trump officials negotiating access to Anthropic's Mythos despite blacklist (April 16)
