Anthropic says Mythos is finding bugs faster than the world can patch them. The White House wants to control who gets it next.

Anthropic says its Mythos cyber model has already found thousands of serious software flaws, but fewer than 1 percent have been fully patched. Now Bloomberg reports that the White House is opposing Anthropic's plan to widen access to roughly 70 more companies and organizations. That leaves the same pressure in place: attackers and unauthorized users have already touched the model, while many legitimate defenders still cannot get the bug-finding system that might help them close the backlog.

The new fact beyond that standoff is who stays locked out. Bloomberg reported that Anthropic wanted to raise the access pool from about 50 critical-infrastructure organizations to roughly 120, but some White House officials objected. The Next Web reported that officials are also worried Anthropic may not have enough computing power to serve a broader pool without hurting government access. So this is not just a fight over whether Mythos is dangerous. It is a fight over who gets scarce machine-speed vulnerability discovery while the patch queue keeps growing, and over who gets to build the remediation tools that shortage now makes valuable.

Anthropic launched Project Glasswing on April 7 as a defender-first program. The company said it would start with launch partners, expand immediately to more than 40 additional organizations, and commit up to $100 million in model credits for critical-infrastructure defense. But Bloomberg reported earlier this month that unauthorized users gained access to Mythos on the same day Anthropic announced the limited rollout.

That is why the patch figure matters more than the policy theater around it. The shortage here is no longer bug discovery by itself. Anthropic's own writeup says Mythos has already identified thousands of critical vulnerabilities, and that maintainers have fully patched fewer than 1 percent of them. If that bottleneck is real, the scarce thing is not one more tool that finds bugs. It is the people and software that can turn those findings into fixes before attackers catch up.

Anthropic's case that Mythos crossed a real threshold is not based on one company benchmark alone. In an evaluation published by the U.K. AI Security Institute, Mythos Preview succeeded 73 percent of the time on expert-level capture-the-flag tasks, which the institute described as tasks no model could complete before April 2025. The institute also said Mythos was the first model to complete a 32-step simulated corporate network attack end to end. Those are controlled tests, not proof of real-world damage, but they do support the idea that this is a meaningful capability jump rather than a scary product page.

Washington's position is awkwardly split. Axios reported that the National Security Agency is already using Mythos despite the Pentagon's March decision to label Anthropic a supply chain risk. Anthropic disclosed that designation in a company post, saying it followed CEO Dario Amodei's refusal to allow Claude for fully autonomous weapons or mass domestic surveillance. The Next Web reported that the White House is also preparing executive action to widen government access to Anthropic models even while opposing broader commercial expansion.

That contradiction points to the business gap in the middle. Washington appears comfortable keeping frontier cyber capability close for state use while slowing broader access for the private defenders who might actually fix what these models expose. If Anthropic is right about the patch backlog, the near-term opportunity may not be another bug-finding startup. It may be automated remediation, patch triage, and verification tools that help defenders move at something closer to the model's pace.

There is still a softer reading of today's Bloomberg report. The claim rests on anonymous administration officials, Anthropic declined to comment, and the real concern may be compute allocation more than national-security doctrine. But even that version leads to the same unresolved pressure. When a cyber model is both scarce and useful, access starts to look less like a product rollout and more like infrastructure rationing. What to watch next is whether Anthropic wins approval to widen the pool, or whether the patch backlog keeps growing while the best bug-finding systems stay concentrated inside government and a small circle of partners.