Six Anthropic engineers are currently embedded inside the National Security Agency. They are deploying Mythos — the company's most capable AI model — for offensive cyber operations, the Financial Times reported on Thursday. Potential targets, per sources, include networks in China and Iran.
This is not a standard government technology contract. The engineers are described as forward-deployed staff, customizing the model on-site for specific intelligence applications. Unlike Anthropic's commercial Mythos deployments for critical infrastructure, the NSA arrangement is explicitly offensive: probing vulnerabilities, penetrating foreign networks, extracting data from adversary systems.
The timing is hard to ignore. On that same day — June 5 — Anthropic published research warning that AI is approaching "recursive self-improvement" and called on world leaders for "a verifiable global pause" on advanced AI development, drawing a direct analogy to Cold War nuclear treaties. A public appeal for restraint and a classified offensive cyber contract, in the same 24-hour window.
The backstory is complicated. In February, Defense Secretary Hegseth designated Anthropic a "supply-chain risk" — a label historically reserved for foreign adversaries like Huawei — after a $200 million Pentagon contract collapsed. The sticking point: Anthropic refused to allow the Department of Defense to use Claude for fully autonomous weapons or domestic mass surveillance. The NSA contract fell outside those restrictions.
What Anthropic appears to be drawing is a specific line: not between offense and defense, but between AI operating under human supervision and fully autonomous systems. Supervised offensive operations are acceptable; autonomous ones are not. Whether that distinction holds as offensive AI systems grow more capable is exactly the question the company's own research raises — which makes the timing of Thursday's dual announcements either deeply coherent or deeply awkward, depending on how you read it.
