Surveys aside, an overwhelming majority of tech leaders and cybersecurity professionals consider AI and cybersecurity inseparable. In six short years, AI has transformed cybersecurity through enhanced real-time monitoring, automated and targeted remediation, emergency notifications, timely and safe patch installation, backup scanning, and other preventive measures such as anti-malware and phishing detection and elimination.
As if things could not be moving faster, we recently learned about Anthropic’s Mythos AI model. Mythos, formally Claude Mythos Preview, is Anthropic’s unreleased frontier AI model that has attracted significant attention for its unusually strong cybersecurity capabilities. According to Anthropic, Mythos can find and sometimes exploit serious software vulnerabilities at a level that may exceed that of even the most skilled human security researchers, including flaws in major operating systems and browsers.
Anthropic has therefore limited access to Mythos through Project Glasswing, using it with selected organizations to identify and fix vulnerabilities rather than releasing it publicly. The concern for governments and critical infrastructure is two-sided: In trusted hands, Mythos could dramatically improve vulnerability discovery and software hardening; in the wrong hands, similar capabilities could accelerate zero-day discovery, exploit development, phishing, malware, and the shrinking of the time between vulnerability discovery and attack. For public-sector leaders, the key takeaway is that Mythos signals a new cybersecurity era in which AI is no longer just defending networks — it can also discover, weaponize and scale offensive cyber capabilities, making governance, access control, patch readiness and public-private coordination far more urgent.
Some have claimed that Mythos has uncovered system vulnerabilities that had gone undetected for over a decade. Scary stuff. But it is scarier still for small state and local governments, which often lack the expertise and financial resources to utilize such a powerful tool. In today's environment, standing still is actually going backward, making their systems even more vulnerable.
Our growing dependence on AI remedies provides some great remediation but, at the same time, brings increased risk. Most attention has focused on the dangers of AI tools such as Mythos falling into the wrong hands and being used against U.S. interests. Far too little attention has been paid to the potential for autonomous AI failures. What happened to a software company called PocketOS, which served car-rental businesses, should be considered a critical wake-up call. And this example had nothing to do with Mythos.
According to published reports, PocketOS was running a staging task using Anthropic’s Claude variant when the agent deleted the company’s production database and backups in about nine seconds. The result was a major outage, reportedly more than 30 hours, leaving customers without access to reservations, payments and other operational data. To add insult to injury, the agent later issued an apology, saying, “I violated every principle I was given,” according to reports.
The incident appears to have been a layered failure rather than simply “Claude went rogue.” Reports say the agent had broad access, the infrastructure allowed destructive API calls without adequate confirmation and backups were not sufficiently isolated from the live system. PocketOS reportedly recovered some data from a three-month-old off-site backup, but current and serious data gaps remained.
The broader lesson is that AI agents should not be given production-level authority without strict controls: scoped credentials, read-only defaults, human approval for destructive actions, isolated backups, logging, rollback plans and “kill switch” procedures. For government and critical infrastructure, this is a vivid warning that AI automation can collapse the distance between an ordinary mistake and an operational crisis.
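The controls listed above can be expressed as a deny-by-default gate placed in front of an agent's tool calls. The Python below is an added example, not code from PocketOS, Anthropic or any published report; the `AgentGate` class, the action names and the environment labels are hypothetical, and the sample calls are constructed.

```python
from dataclasses import dataclass, field

# Hypothetical action names for illustration; map these to your own API verbs.
READ_ONLY = {"read", "list", "describe"}
DESTRUCTIVE = {"delete_database", "delete_backup", "delete_volume"}

@dataclass
class AgentGate:
    allowed_envs: frozenset                 # scoped credentials: environments this task may touch
    kill_switch: bool = False               # operator-controlled stop for every agent action
    audit_log: list = field(default_factory=list)

    def authorize(self, action, env, resource, approved_by=None):
        """Decide one tool call. approved_by must be set by a human approval
        channel outside the agent, never by the agent's own request."""
        if self.kill_switch:
            ok, reason = False, "kill switch engaged"
        elif env not in self.allowed_envs:
            ok, reason = False, f"credential not scoped to {env}"
        elif action in READ_ONLY:
            ok, reason = True, "read-only action"
        elif action in DESTRUCTIVE and approved_by is None:
            ok, reason = False, "destructive action requires human approval"
        elif action in DESTRUCTIVE:
            ok, reason = True, f"approved by {approved_by}"
        else:
            ok, reason = False, "action not on allow-list"   # deny by default
        # Log every decision, allowed or not, for later review.
        self.audit_log.append((action, env, resource, ok, reason))
        return ok, reason

def run_constructed_scenario():
    """Constructed sample calls for a staging task; not taken from any incident report."""
    gate = AgentGate(allowed_envs=frozenset({"staging"}))
    results = [
        gate.authorize("list", "staging", "tables"),
        gate.authorize("delete_database", "production", "main-db"),
        gate.authorize("delete_backup", "backup-vault", "nightly"),
        gate.authorize("delete_database", "staging", "scratch-db"),
        gate.authorize("delete_database", "staging", "scratch-db", approved_by="oncall-admin"),
    ]
    gate.kill_switch = True
    results.append(gate.authorize("list", "staging", "tables"))
    return results, gate.audit_log

if __name__ == "__main__":
    for ok, reason in run_constructed_scenario()[0]:
        print("ALLOW" if ok else "DENY ", reason)
```

A gate like this only helps if the credential the agent actually holds cannot bypass it, which is why backups belong in an environment no agent credential is scoped to.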
Imagine if this happened to a state or local government. The damage could be catastrophic. Governments collect and maintain far more sensitive data than just customer history and account information. Perhaps most mystifying is the Claude agent's explanation: in its apology, it admitted to violating all the rules it was programmed to follow, both what to do and what not to do. We must ask, how and why? We need more than an apology.
This incident occurred at a company using one vendor’s intelligent software. One must not lose sight of the fact that there are a dozen companies capable of building their own version of Mythos, where the dangers are magnified tenfold. This becomes particularly worrying as agentic AI gains traction. Agentic AI, as we are learning, is a system that can make decisions, take actions and adapt without human intervention. It's a highly advanced form of AI that can perform tasks that used to require humans.
So what are humans supposed to learn from this? The arrival of Mythos should be viewed less as a single product announcement and more as a defining moment in the evolution of digital risk. AI and cybersecurity are no longer parallel tracks; they are now fused into one operational reality. The same tools that can identify hidden vulnerabilities, accelerate patching and strengthen resilience can also amplify mistakes, widen attack surfaces, and compress the time between discovery and damage. For state and local governments, the question is no longer whether AI will shape cybersecurity — it already has. The question is whether public organizations will govern these tools with the same seriousness they now devote to firewalls, identity management, disaster recovery and emergency response.
As frightening as this is, we need not retreat from AI, but we must approach it with discipline, humility and controls equal to its power. Public-sector leaders must demand clear rules for agentic systems, strict limits on production access, independent backups, human review for destructive actions, continuous monitoring and tested recovery plans. Mythos and similar AI offerings may help usher in a new age of cyber defense, but they also remind us that intelligence without governance can quickly become a liability. In the AI era, trust will not come from automation alone. It will come from accountability, transparency, oversight and the hard work of ensuring that powerful systems remain firmly aligned with public accountability.
Alan R. Shark, a senior fellow at the Center for Digital Government, is an associate professor at the Schar School for Policy and Government at George Mason University, where he also serves as a faculty member in the Center for Human AI Innovation in Society. He is also a senior fellow and former executive director of the Public Technology Institute, a fellow of the National Academy of Public Administration, and founder and co-chair of its Standing Panel on Technology Leadership. He is the host of the podcast series Sharkbytes.net. The Center for Digital Government and Government Technology are both divisions of e.Republic.