The most powerful AI model ever built can find vulnerabilities in every major operating system. Bankers are not sleeping well.
Something unusual happened on 7 April 2026. US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell called an emergency meeting. They summoned the chief executives of the largest systemically important banks in the United States. The topic was not interest rates. It was not inflation. It was an AI model.
The model is Claude Mythos Preview, built by Anthropic. Within days, Bank of England Governor Andrew Bailey named Mythos explicitly in a speech at Columbia University. He described it as a model that could “crack the whole cyber risk world open.” Furthermore, the Bank of England’s Cross Market Operational Resilience Group scheduled emergency briefings for major UK banks, insurers, and exchanges. Additionally, Anthropic confirmed it plans to give UK financial institutions controlled access to Mythos within the week.
This is not an ordinary AI launch story. It is a systemic risk story. And the financial sector is at the centre of it.
What’s Happening & Why It Matters
What Mythos Actually Does
Claude Mythos Preview is not a cybersecurity tool. That is important to understand. It is a general-purpose frontier AI model. Its extraordinary cyber capabilities were not deliberately trained into it. Anthropic stated plainly: “We did not explicitly train Mythos Preview to have these capabilities. Rather, they emerged as a downstream consequence of general improvements in code, reasoning, and autonomy.”
What emerged is alarming. During testing, Mythos identified and exploited zero-day vulnerabilities — previously unknown security flaws — across every major operating system and every major web browser. Furthermore, it did so fully autonomously. No human guided it after the initial prompt. In one documented case, Mythos identified a 17-year-old remote code execution vulnerability in FreeBSD — catalogued as CVE-2026-4747 — that allows an unauthenticated attacker full root access to any machine running NFS.
Additionally, the model found a 27-year-old weakness in OpenBSD and a 16-year-old flaw in FFmpeg. Anthropic has identified thousands of critical zero-day vulnerabilities in total. Over 99% are unpatched and cannot yet be publicly disclosed.
Anthropic CEO Dario Amodei acknowledged both the danger and the opportunity: “The dangers of getting this wrong are obvious. But if we get it right, there is a real opportunity to create a fundamentally more secure internet and world than we had before the advent of AI-powered cyber capabilities.”
Project Glasswing: Controlled Access Before It Spreads
Anthropic chose not to release Mythos publicly. Instead, it launched Project Glasswing — a coalition of approximately 40 to 50 organisations given early, controlled access to Mythos Preview for defensive security work. Named launch partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. Anthropic is committing up to $100 million (€91.7 million) in usage credits across the effort, alongside $4 million (€3.7 million) in direct donations to open-source security organisations.
The rationale is a race against time. Anthropic‘s own security team estimates that comparable capabilities will proliferate to other AI labs within six to eighteen months. OpenAI is reportedly developing a model with similar abilities. Therefore, the window for defenders to prepare is narrow. Furthermore, the UK’s AI Security Institute evaluated Mythos and described it as the first model to complete a full cyber-range attack end-to-end — chaining multiple attack steps into a complete intrusion without human assistance.
Newton Cheng, Frontier Red Team Cyber Lead at Anthropic, told VentureBeat: “Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely. The fallout — for economies, public safety, and national security — could be severe.”
Why Banks Are Uniquely Exposed
The financial sector is not a typical technology sector. It runs on deeply consolidated cloud infrastructure. A handful of major cloud providers support the core operations of thousands of banks, insurers, and financial exchanges globally. That concentration creates a specific risk. If a capable AI agent were to exploit vulnerabilities at a major cloud provider, the cascade could be catastrophic. Multiple institutions could fail simultaneously. American Banker described the concern clearly: regulators worry that AI-powered attacks at the cloud layer could “trigger catastrophic breaches across the heavily regulated banking system.”
Furthermore, major banks still run technology stacks that mix modern platforms with decades-old legacy systems. Costin Raiu, co-founder of cybersecurity firm TLPBLACK, told Reuters that a model like Mythos would have “a field day” finding exploits in certain IBM systems — pointing specifically to legacy technologies that still power significant parts of global financial infrastructure. Therefore, the risk is not theoretical. It is architecturally embedded in the systems banks already operate.
Goldman Sachs CEO David Solomon addressed the matter directly on the bank’s quarterly earnings call. He confirmed Goldman has access to the Mythos model. “We’re hyper-aware of the enhanced capabilities of these new models,” he said.
The UK Regulatory Response
The Bank of England‘s Cross Market Operational Resilience Group (CMORG) and its AI Taskforce are convening emergency briefings within days. Representatives from HM Treasury, the Financial Conduct Authority, and the National Cyber Security Centre will participate. The briefings will cover the cybersecurity implications of Mythos for UK financial institutions.
Additionally, Anthropic confirmed that UK banks will receive controlled access to Mythos through Project Glasswing. Anthropic’s Head of UK, Ireland, and Northern Europe, Pip White, stated: “That is in the very near term, in the next week.” The access is designed to let institutions use Mythos for defensive scanning before adversaries develop comparable capabilities.
However, questions are being raised about the approach. IBM Senior Vice President Rob Thomas pushed back on Project Glasswing’s restricted model. He stated that, at the scale of foundational infrastructure, “security improves more often through scrutiny than through concealment.” Security expert Bruce Schneier described the launch as “very much a PR play by Anthropic — and it worked.” Furthermore, the AI Security Institute‘s evaluation found that Mythos’ simulated test environments “lack security features that are often present, such as active defenders and defensive tooling.” Consequently, the model’s effectiveness against a fully defended financial system is genuinely uncertain.
AI Risk Has Entered the Boardroom
The Mythos episode is not primarily a cybersecurity story. It is a governance story. An AI model built by a private company has triggered emergency meetings at the US Federal Reserve, the US Treasury, the Bank of England, the Bank of Canada, and financial regulators across the UK. No AI system had previously prompted such a systemic regulatory response.
Gordon M. Goldstein, an adjunct senior fellow at the Council on Foreign Relations, described the moment starkly: “The global Hunger Games for AI security has arrived. There will be furious global competition for scarce AI security resources in the coming months. US interests will be safeguarded first, but very selectively. The rest of the world will struggle to prepare for an AI risk environment that will likely be transformed very soon.” Furthermore, Turing Award winner Yoshua Bengio — one of the world’s leading AI scientists — had warned at the end of 2025 that a dangerous AI capability threshold was approaching. Goldstein concluded: “It appears we have now crossed it.”
TF Summary: What’s Next
The immediate timeline is clear. UK banks will receive Mythos access within days of 17 April 2026. The Bank of England’s emergency briefings will follow. Over the next 90 days, Anthropic has committed to publishing what it has learned from Project Glasswing — including which vulnerabilities have been patched, what improvements have been made, and what practical recommendations the security community should adopt. Additionally, Anthropic has proposed establishing “an independent, third-party body” to coordinate long-term cybersecurity work across public and private sectors. That proposal has attracted support from global security leaders.
The deeper question is what comes next when Mythos-class capabilities are no longer restricted to a curated coalition. Anthropic acknowledges the transition period “may be tumultuous regardless.” Within six to eighteen months, comparable models are expected to proliferate across the AI industry. At that point, the world’s most powerful cyber vulnerability tool will no longer be a controlled access programme. Banks, insurers, and regulators know this. Their urgency reflects a simple calculation: the window to patch, defend, and prepare is finite — and it is already closing.
— Text-to-Speech (TTS) provided by gspeech | TechFyle