Anthropic's latest AI model, named Claude Mythos Preview, is capable of hacking into major banking systems, perhaps many at once, and doing massive damage if it fell into the wrong hands. Banks are being encouraged to test it out.
In case you missed the announcement last week, Anthropic has a new high-level AI coding model called Claude Mythos Preview, or just Mythos for short. Immediately upon announcing it, Anthropic also announced Project Glasswing, a joint initiative among multiple companies — Amazon Web Services, Anthropic, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, the Linux Foundation, Microsoft, NVIDIA, and Palo Alto Networks — to "secure the world’s most critical software."
The reason for Project Glasswing is that Mythos is reportedly capable of hacking into major computer networks at scale, and has indeed "already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser." [Italics theirs]
Security researcher Costin Raiu points specifically to IBM-built banking systems from decades back, telling Reuters this week, "A model like Mythos would have a field day finding exploits" in those systems. "And it's just one example of ancient technologies powering the financial industry," Raiu adds.
Mythos hasn't technically been released, and won't be released to the public because of these potential dangers. Large banks, which are mostly run on legacy software, are being encouraged by the White House to test out Mythos and use it to build up their own defenses against AI-powered exploits.
IBM said last week that Mythos is already "forcing enterprise security teams to rethink their defenses from the ground up."
As TechCrunch reports, Anthropic co-founder Jack Clark confirmed this week that the Trump adminsitration had been briefed on Mythos and its capabilities, which prompted Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell to call a meeting with banking executives this week. The administration told banks they should be ready "to understand and anticipate a wide range of market developments" because of this new AI model.
JPMorgan Chase, which is one of the banks that is doing some preview testing work with Mythos, put out a statement calling the project "a unique, early-stage opportunity to evaluate next-generation AI tools for defensive cybersecurity across critical infrastructure."
As Reuters reports, government officials in the UK and Canada have also met with banking institutions to discuss the potential threats posed by Mythos.
Security expert David Lindner tells Fortune that the problem will be doing all the work to fix vulnerabilities in systems that do exist — many of which companies are already aware of. Lindner also warns that Mythos won't stay "unreleased" for long.
"Even if they, quote unquote, don’t release it, China will have a version in five or six months, and there’ll be an open-source version within a year or two," Lindner tells Fortune.
Anthropic calls its Project Glasswing "a starting point," but the potential for future catastrophes seems clear.
"No one organization can solve these cybersecurity problems alone: frontier AI developers, other software companies, security researchers, open-source maintainers, and governments across the world all have essential roles to play," the Anthropic blog post says. "The work of defending the world’s cyber infrastructure might take years; frontier AI capabilities are likely to advance substantially over just the next few months. For cyber defenders to come out ahead, we need to act now."
Top image: Anthropic Co-founder and CEO Dario Amodei speaks at the "How AI Will Transform Business in the Next 18 Months" panel during INBOUND 2025 Powered by HubSpot at Moscone Center on September 04, 2025 in San Francisco, California. (Photo by Chance Yeh/Getty Images for HubSpot)
