A new AI model capable of finding security flaws across every major operating system and browser has triggered emergency meetings between top US officials and Wall Street executives, with its creator limiting public access over unprecedented cybersecurity concerns.
Anthropic announced last week it will withhold the full release of its Claude Mythos Preview model, claiming the technology poses too great a risk for general availability. The company said Mythos can identify and exploit vulnerabilities in "every major operating system and every major web browser," prompting immediate discussions with Washington regulators.
Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an urgent meeting with bank CEOs earlier this week to warn about cyber risks posed by the new AI system. The Washington gathering included leaders from Citigroup, Morgan Stanley, Bank of America, Wells Fargo, and Goldman Sachs, familiar with the discussions.
Goldman Sachs CEO David Solomon confirmed his bank already has access to the model and is working closely with Anthropic on cybersecurity measures.
"We're hyper-aware of the enhanced capabilities of these new models," Solomon told analysts on Monday.
"We have the model. We're working closely with Anthropic and all of our security vendors."
The UK government's AI Security Institute issued its own warning Monday that Mythos represents a "step up" over previous models in terms of cyber threat potential. Testing showed Mythos could successfully complete a 32-step simulation of a cyber-attack in three out of ten attempts, tasks that would normally take human professionals days to execute.
Anthropic will limit Mythos access to approximately 40 technology companies through an initiative called Project Glasswing, including Amazon, Apple, Microsoft, Google, and JP Morgan Chase. The restricted consortium aims to use the model for defensive security work while sharing findings back with Anthropic.
"The fallout, for economies, public safety, and national security, could be severe,"
Anthropic wrote in a blogpost last Wednesday explaining its decision to restrict access. The company said AI models have reached a level where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.
OpenAI responded Tuesday by announcing GPT-5.4-Cyber, a new cybersecurity-focused model designed specifically for digital defenders. The rival AI company struck a more measured tone than Anthropic's warnings but acknowledged future models will require "more expansive defenses" as capabilities rapidly exceed current purpose-built systems.
UK financial regulators plan to discuss Mythos risks with British bank bosses and government officials within the next fortnight through the Cross Market Operational Resilience Group. The organization includes chief executives alongside officials from the Treasury, Bank of England, Financial Conduct Authority and National Cyber Security Centre.
Anthropic co-founder Dario Amodei emphasized ongoing government discussions during Monday's Semafor World Economy event in Washington. "The government has to know about this stuff," Amodei said.
"Absolutely we're talking to them about Mythos, and we'll talk to them about the next models as well."
