Claude Mythos: Why the Fed and Treasury Quietly Summoned Wall Street Over Anthropic's Most Powerful — and Dangerous — AI
The most powerful people in US finance and AI policy converged this week over a single AI model. Here's what that tells us about where we are.
There's a particular kind of alarm that moves quietly through Washington and Wall Street before it reaches the rest of us. It doesn't look like panic. It looks like a short-notice meeting at Treasury headquarters, attended by the CEOs of the largest banks in the country, arranged around a subject that almost no one outside the room would have predicted a month ago.
That meeting happened Tuesday. And the subject — Claude Mythos — is a name that's about to become very familiar to anyone who follows AI, cybersecurity, or the future of the financial system.
📌 The Story in Six Facts
The model: Claude Mythos Preview — Anthropic's most powerful AI, released April 7, 2026
What it can do: Find and exploit zero-day vulnerabilities in every major OS and browser
Who has access: ~40–50 organizations, including Amazon, Apple, Microsoft, Google, Nvidia, Cisco, JPMorgan
The initiative: Project Glasswing — $100M+ in usage credits for defensive cybersecurity work
The meeting: April 8 — Bessent and Powell warn CEOs of Citi, Goldman, Morgan Stanley, BofA, Wells Fargo
Public availability: None — Anthropic has explicitly declined a general release
What Is Claude Mythos — and Why Is It Different?
To understand why this story matters, you need to understand what Claude Mythos actually is — and what distinguishes it from every AI model that's come before it.
Anthropic has been building the Claude series of AI models since the company was founded in 2021. Their existing lineup runs from fast, affordable models like Haiku, to the mid-range Sonnet series (the model you're most likely interacting with on Claude.ai right now), to the large-scale Opus tier for complex tasks. Claude Opus 4.6, released earlier this year, was the company's most capable public model.
Claude Mythos Preview is something else entirely. Internally, Anthropic has described it under the codename "Capybara" — a deliberate signal that it represents a new tier above Opus, not just an incremental upgrade. Anthropic has described Capybara as a new tier of model that is even larger and more capable than Opus, but also more expensive, and the company says "Compared to our previous best model, Claude Opus 4.6, Capybara gets dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity, among others."
A General-Purpose Model That Became Something Unexpected
Here's the part that makes this story genuinely unusual: Mythos was not specifically built as a cybersecurity tool. It was designed as a general-purpose AI — smarter coding, sharper reasoning, more capable agents. The cybersecurity capabilities emerged from those underlying improvements in ways that surprised Anthropic's own researchers.
Many flaws in software go unnoticed for years because finding and exploiting them has required expertise held by only a few skilled security experts. With the latest frontier AI models, the cost, effort, and level of expertise required to find and exploit software vulnerabilities have all dropped dramatically.
Its benchmark scores redefine what "frontier" means: a 93.9% SWE-bench Verified score, a 97.6% on USAMO 2026, and the ability to autonomously discover and chain zero-day exploits across every major operating system and browser represent a genuine capability discontinuity.
Logan Graham, who leads Anthropic's Frontier Red Team — the internal group responsible for stress-testing new models before they're released — told reporters that Mythos Preview was advanced enough not only to identify undiscovered software vulnerabilities but also to build working exploits to weaponize them. Boris Cherny, the creator of Claude, did little to quell concerns: "Mythos is very powerful and should feel terrifying," he wrote on X. "I am proud of our approach to responsibly preview it with cyber defenders, rather than generally releasing it into the wild."
What Claude Mythos Actually Found — and Why That's Alarming
Decades of Hidden Vulnerabilities, Found in Weeks
Over the past few weeks, Anthropic used Claude Mythos Preview to identify thousands of zero-day vulnerabilities — flaws that were previously unknown to the software's developers — many of them critical, in every major operating system and every major web browser, along with a range of other important pieces of software.
Zero-day vulnerabilities are the most dangerous kind. Unlike patched or "N-day" vulnerabilities — bugs that are publicly known and for which fixes exist — zero-days are invisible to defenders. You can't patch something you don't know is broken. And for decades, finding them required a rare combination of deep technical expertise, time, and luck. Mythos changed that calculus dramatically.
Among the examples: It identified a flaw in OpenBSD, a highly secure operating system often used to protect firewalls and critical infrastructure. The bug could allow someone to crash a system remotely just by connecting to it, and it had been missed for nearly three decades.
Mythos Preview has improved to the extent that it mostly saturates existing evaluation benchmarks — so Anthropic turned its focus to novel real-world security tasks, in large part because metrics that measure replications of previously known vulnerabilities can make it difficult to distinguish novel capabilities from cases where the model simply remembered the solution.
Anthropic has engaged professional security contractors to manually validate every bug report before responsible disclosure to vendors and open source maintainers. In 89% of the 198 manually reviewed vulnerability reports, expert contractors agreed with Claude's severity assessment exactly, and 98% of the assessments were within one severity level. These are not false alarms.
⚠️ Why This Is Different From Previous AI Cybersecurity Tools
AI-assisted vulnerability scanning isn't new. But prior tools required human experts to guide them toward specific code areas, validate every result, and manually construct any exploit. What Mythos can do — find a previously unknown flaw, reason about how to chain it with other vulnerabilities, and construct a working exploit — is qualitatively different. Anthropic has begun a tightly controlled release of Mythos, the first AI model that officials believe is capable of bringing down a Fortune 100 company, crippling swaths of the internet, or penetrating vital national defense systems. That is not a marketing claim. That is the assessment of government officials briefed directly on the model's capabilities.
The Meeting Nobody Expected: Bessent, Powell, and Wall Street's Biggest Names
On Tuesday, April 8 — one day before Anthropic's public Mythos announcement — something unusual happened at the Treasury Department's Washington headquarters.
Fortune discovers Anthropic's draft blog post about Mythos in an unsecured public data cache. Anthropic confirms it is testing a new, more powerful model with early access customers.
Anthropic officially launches Claude Mythos Preview alongside Project Glasswing. The model is made available to approximately 40–50 organizations. No general public release is planned.
Treasury Secretary Scott Bessent and Fed Chair Jerome Powell convene an urgent, short-notice meeting with the CEOs of the largest US banks. Attendees include the leaders of Citigroup, Morgan Stanley, Bank of America, Wells Fargo, and Goldman Sachs (CEO David Solomon). JPMorgan's Jamie Dimon was unable to attend, though JPMorgan is a Project Glasswing partner.
Bloomberg, Reuters, and others report on the meeting. The story breaks across financial and tech media as one of the most significant AI-regulatory moments to date.
What Was Said in That Room
Bessent and Powell convened an urgent meeting with bank CEOs this week to warn of cyber risks posed by Anthropic's latest AI model. Anthropic launched the powerful Mythos model but stopped short of a broad release, citing concerns it could expose previously unknown cybersecurity vulnerabilities.
Bessent and Powell assembled the group at Treasury's headquarters in Washington on Tuesday to make sure banks are aware of possible future risks raised by Anthropic's Mythos and potential similar models, and are taking precautions to defend their systems, according to people familiar with the matter who asked not to be identified citing the private discussions.
The previously unreported meeting, arranged on short notice, is another sign that regulators consider the possibility of a new breed of cyberattacks as one of the biggest risks facing the financial industry. For context: the last time a major AI company so publicly withheld a model over safety concerns was 2019, when OpenAI declined to release GPT-2.
The signal being sent is unambiguous. When the head of the Federal Reserve and the Secretary of the Treasury jointly summon Wall Street's largest institutions to an unscheduled meeting, they are communicating that something requires immediate attention. Bessent and Powell's decision to summon Wall Street's biggest names suggests they believe that risk is no longer hypothetical.
Project Glasswing — Anthropic's Plan to Use the Threat to Fix the Threat
Anthropic's response to its own discovery is, in a sense, to turn the weapon into a shield. Rather than sitting on the model or releasing it into the open market, the company is giving access to a controlled group of organizations that maintain the software infrastructure most of the world runs on — so those organizations can find and patch their own vulnerabilities before bad actors find them independently.
Who's In — and What They're Doing With It
The partner organizations previewing Mythos as part of Project Glasswing include Amazon, Apple, Broadcom, Cisco, CrowdStrike, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. As part of the initiative, these partners will ultimately share what they've learned from using the model so that the rest of the tech industry can benefit from it.
As part of the new effort, called Project Glasswing, Anthropic will give over 50 tech organizations access to Mythos Preview with over $100 million in usage credits. "Project Glasswing partners will receive access to Claude Mythos Preview to find and fix vulnerabilities or weaknesses in their foundational systems — systems that represent a very large portion of the world's shared cyberattack surface," Anthropic announced.
The logic is straightforward: if models with Mythos-level capability are going to exist — and given the pace of AI development, they will, whether Anthropic builds them or someone else does — it's better for defenders to get a head start. The companies in Project Glasswing build the operating systems, browsers, cloud platforms, and security tools that underpin everything else. If they can find and fix their own critical vulnerabilities first, the internet is meaningfully safer before the next wave of models arrives.
🛡️ The Case for Glasswing's Approach
- Gives defenders a head start before models with similar capabilities become widely available
- Partners include the companies that build the world's most critical software
- $100M+ in usage credits lowers the barrier for security teams at participating organizations
- Anthropic pre-briefed CISA and senior US officials — coordinated, not unilateral
- Sets a precedent for responsible model releases that other AI companies may follow
- OpenBSD, OS, and browser bugs are being patched before public disclosure
⚡ The Real Risks That Remain
- Other AI labs — including in China — will develop comparable capabilities; the window to get ahead is limited
- State-sponsored actors may already be developing or deploying similar tools
- 40–50 organizations receiving access means a larger attack surface for the model itself to be compromised
- Anthropic is in an active legal dispute with the Pentagon over national security classification
- Not every vulnerable system is operated by a Glasswing partner
- The gap between defenders getting access and attackers catching up may be shorter than hoped
The Geopolitical Picture — China, State Actors, and a Closing Window
This story doesn't exist in isolation. It's one chapter in a much longer and more urgent narrative about what happens when AI capability outpaces the world's ability to govern it.
🌏 The China Factor
Other AI companies will soon catch up to Mythos — not just here, but in China and elsewhere. A Chinese state-sponsored group already used an earlier Claude model to target roughly 30 organizations in a coordinated attack before Anthropic detected it. That incident involved a significantly less capable model than Mythos. The implication is uncomfortable: if a prior Claude model was weaponized for state-sponsored attacks, what does a model with Mythos-level capabilities represent in the hands of a sophisticated adversary?
Officials fear that China, armed with superior AI, could present an existential threat to U.S. dominance. "An enemy could reach out and touch us in a way they can't or won't with kinetic operations," a source close to the Pentagon said. "For most Americans, the Iran war is 'over there.' With a cyberattack, it's right here."
There is also the matter of Anthropic's complicated relationship with the US government. The company has been proactively briefing federal agencies — including CISA — about Mythos's offensive and defensive capabilities. At the same time, it is currently in a legal dispute with the Pentagon, which designated Anthropic a national security supply-chain risk. Earlier this week, a federal appeals court in Washington, D.C., declined to temporarily block the Pentagon's decision to label Anthropic a national security risk. The company is contesting that classification.
It's worth noting that Anthropic is not alone in this situation. Separately, OpenAI is also reportedly concerned that an upcoming cybersecurity tool it has developed is too dangerous to be released publicly, and has similarly allowed a small group of its partners to test it out. The era of restricting frontier AI models over safety concerns is no longer hypothetical. It is, apparently, now standard practice.
What This Means — For Banks, Businesses, and Ordinary Americans
| If You Are... | The Near-Term Implication | The Action |
|---|---|---|
| A bank customer | Major US banks are now on explicit regulatory alert to harden their systems against AI-augmented attacks | Monitor accounts; enable multi-factor authentication on all financial accounts |
| A business owner | If attackers get access to Mythos-level tools, existing defenses may be insufficient — especially for unpatched legacy software | Prioritize patching; review vendor security postures; plan for AI-assisted threat environments |
| A software developer | AI-level vulnerability scanning is now the standard that security teams will be measured against | Expect new AI-assisted security tooling; understand that manual code review is no longer sufficient at scale |
| A government or critical infrastructure operator | Anthropic has briefed CISA; federal agencies are actively assessing implications for national infrastructure | Engage with CISA guidance; assess whether your systems are served by Project Glasswing partners |
| An investor or financial analyst | Cybersecurity spending by banks and enterprises is likely to accelerate; regulatory pressure on AI companies will increase | Watch for disclosure of new cybersecurity capex in upcoming earnings calls; monitor regulatory developments |
🔒 The Most Practical Thing to Understand Right Now
The vulnerabilities Mythos found are being patched. The responsible disclosure process Anthropic has put in place — with professional validators reviewing every report before it goes to vendors — means that the most critical bugs discovered so far will be fixed before anyone else can exploit them. That is the best-case scenario playing out in real time.
But patching known vulnerabilities is not the end of the story. The deeper implication of this moment is that the barrier to finding new vulnerabilities has dropped permanently. Once a capability like Mythos exists — even in restricted form — the race between attackers and defenders becomes fundamentally faster. CrowdStrike's 2026 Global Threat Report found an 89% increase in attacks by adversaries using AI year-over-year. That trend will continue regardless of what any single company decides about its release policies.
Want to Go Deeper on AI, Cybersecurity & US National Security?
These are the books and resources serious analysts are reading right now.
Browse Recommended Reading on Amazon →Frequently Asked Questions
What is Claude Mythos and why is it significant?
Claude Mythos Preview is Anthropic's most capable AI model to date, released April 7, 2026. It is a general-purpose language model whose strong coding and reasoning abilities translate into unprecedented cybersecurity performance — including the ability to autonomously find and exploit zero-day vulnerabilities across every major operating system and browser. Its significance lies not just in its performance but in Anthropic's decision not to release it publicly, which is the first time in nearly seven years that a major AI lab has withheld a frontier model over safety concerns.
Why did Bessent and Powell meet with bank CEOs about an AI model?
Because the financial system is one of the highest-value targets for cyberattacks, and Mythos-level AI capabilities could dramatically lower the barrier for sophisticated attacks on banking infrastructure. The meeting — held at Treasury headquarters on April 8 — was described by Bloomberg as evidence that regulators now view AI-augmented cyberattacks as one of the most significant systemic risks facing the financial industry. It was arranged on short notice, underscoring the urgency.
What is Project Glasswing and who is involved?
Project Glasswing is Anthropic's initiative to deploy Claude Mythos Preview exclusively for defensive cybersecurity work. Approximately 40–50 organizations have access, including Amazon, Apple, Microsoft, Google, Nvidia, Cisco, CrowdStrike, Palo Alto Networks, JPMorgan Chase, and the Linux Foundation. Anthropic is providing over $100 million in usage credits. The goal is to give the organizations that build the world's most critical software a chance to find and patch their own vulnerabilities before similar AI capabilities reach adversaries.
Is my data or bank account at risk because of Claude Mythos?
Not directly or imminently. Anthropic has restricted access to approximately 40–50 vetted organizations and is actively patching discovered vulnerabilities through responsible disclosure before making technical details public. The risk this story highlights is longer-term and structural: as AI models with comparable capabilities proliferate — including potentially in adversarial nations — the standard for adequate cybersecurity defense will rise across the board. The practical immediate action for individuals is to ensure multi-factor authentication is enabled on all financial and critical accounts.
What does Anthropic's legal dispute with the Pentagon mean for Mythos?
Anthropic is contesting the Pentagon's decision to designate it a national security supply-chain risk — a classification the company argues is incorrect. A federal appeals court declined to temporarily block that designation this week. The dispute complicates Anthropic's relationship with US defense agencies even as the company is actively briefing CISA and other federal officials on Mythos's capabilities. It's one of the more unusual situations in recent tech-government relations: a company simultaneously being kept at arm's length by the Pentagon and proactively engaging with regulators about its most sensitive technology.
Will Claude Mythos ever be available to the public?
Anthropic has not indicated a timeline for any broader release. The company's position is that Mythos Preview will not be made generally available in its current form. Future versions of the technology — with additional safeguards, improved alignment, or designed specifically to limit offensive applications — may eventually reach a wider audience. What's clear is that Anthropic has set a new precedent: when a frontier model is deemed too dangerous for general deployment, restricting access is now a legitimate and publicly defensible choice.
The Bottom Line — What This Moment Actually Tells Us
There is a version of this story that's easy to tell as pure alarm: a terrifyingly powerful AI was built, governments are scared, and the financial system is at risk. That version isn't wrong, but it misses the more complicated and ultimately more important thing happening here.
Anthropic chose not to sell its most impressive product. In an industry defined by the race to ship capabilities as fast as possible, that restraint is significant. Whether you read it as genuine responsibility or sophisticated positioning, the outcome is the same: the most capable AI security model in documented history is being used to patch bugs, not exploit them. That is, by any standard, the better outcome.
What the Treasury meeting, the Glasswing announcement, and the benchmark numbers collectively signal is that we've crossed a threshold. AI models can now do things in cybersecurity that were previously the exclusive domain of the world's best human experts. That capability will not stay contained. The time is fast approaching for all of corporate America and all of government to be prepared to guard against hackers with superhuman powers. The window to get ahead of this is closing fast.
The question worth asking now isn't whether this is alarming — it clearly is. The question is whether the institutions that need to respond to it are moving fast enough. Based on Tuesday's meeting at Treasury, at least some of them are trying.
What do you think — is Anthropic's controlled-release approach the right model for handling dangerous AI capabilities? Drop your take in the comments.
Sources
This article is based entirely on verified reporting and official announcements. Key sources:
- Anthropic — Project Glasswing official announcement
- Anthropic Red Team blog — Claude Mythos Preview technical details
- Bloomberg — Bessent, Powell Summon Bank CEOs Urgent Meeting
- Reuters via RTE — Powell warned bank CEOs on Anthropic model risks
- TechCrunch — Anthropic debuts preview of powerful new AI model
- NBC News — Why Anthropic won't release its new Mythos AI model to the public
- Axios — Anthropic's newest AI model could wreak havoc
- Fortune — Exclusive: Anthropic 'Mythos' AI model data leak
All factual claims in this article are drawn from the verified sources linked above and reflect publicly available reporting as of April 10, 2026.
