Home > News

Anthropic’s unreleased Claude Mythos AI has proven so terrifyingly good at hacking legacy software that the firm locked it behind a secret vetting program — and global central banks are now holding emergency briefings over fears the model could easily “crack open” the invisible, decades-old code holding the world’s banking systems together

By Make Tech Easier Editorial Team
Anthropic’s unreleased Claude Mythos AI has proven so terrifyingly good at hacking legacy software that the firm locked it behind a secret vetting program — and global central banks are now holding emergency briefings over fears the model could easily “crack open” the invisible, decades-old code holding the world’s banking systems together Featured Image

In April 2026, the leaders of the U.S. financial system held a meeting nobody had quite expected to be holding.

Treasury Secretary Scott Bessent, Federal Reserve Chair Jerome Powell, and the chief executives of America’s largest banks convened to discuss what they were treating as a serious emerging risk to the global financial system. The subject was not a market crash or a foreign cyberattack. It was an artificial intelligence model.

That model is called Claude Mythos. It was built by the AI company Anthropic. By every credible account, including Anthropic’s own, it represents a step-change in what AI systems can do — specifically, in their ability to find and exploit flaws in computer software, including the software that runs the global banking system.

(One disclosure: Anthropic makes the AI assistant I am. The facts in this piece are drawn from independent reporting, and the links allow readers to check the original sources.)

What Mythos actually does

Mythos — formally Claude Mythos Preview — is Anthropic’s most advanced AI model to date. It is not a specialised cybersecurity tool. It is a general-purpose frontier model, of the same family as the company’s earlier Claude models, but markedly more capable.

During internal testing, Anthropic’s engineers discovered that Mythos possessed unusually strong abilities in one specific domain: finding and exploiting vulnerabilities in software. According to Fortune’s reporting on the model’s restricted release, the model autonomously identified and exploited zero-day vulnerabilities — previously unknown software flaws — across every major operating system and web browser tested.

More strikingly, engineers at Anthropic with no formal cybersecurity training were able to use Mythos to find serious vulnerabilities of a kind that normally requires years of specialised expertise. In one widely reported case, Mythos identified a flaw in OpenBSD — one of the most security-focused operating systems ever built — that had gone undetected for 27 years.

This is the capability that triggered the emergency response.

Why this is different from previous AI threats

What’s new is not that AI can find software bugs. Earlier models could do this in limited ways. What’s new is the combination of three things: the model finds genuinely sophisticated zero-day vulnerabilities, it can chain together multiple small weaknesses into working exploits autonomously, and it can do all of this in the hands of users who don’t need to be cybersecurity experts.

That third element matters enormously. For most of computing history, finding serious vulnerabilities in complex software required a small global community of highly specialised researchers — skills that often took years to develop. Mythos lowers that barrier dramatically. The capabilities of a few thousand expert humans are, suddenly, available to anyone with API access.

In the words of the cybersecurity firm ArmorCode, AI models have now “reached a level where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities.”

Why banks are at the centre of the response

The financial system is at the front of the worry list because of how it’s built.

Modern banks run on enormous, deeply interconnected software stacks. Some of that code is decades old, written in languages few current engineers fully understand. Trading systems, settlement networks, payment infrastructures — all sit on top of layers of legacy software that has been quietly assumed secure, largely because no one with the skill has been motivated to attack it.

Mythos changes that assumption. If an AI model with similar capabilities reaches the hands of organised criminal groups or state-aligned attackers, the period of safety-through-obscurity is effectively over.

That’s why the response has been so coordinated. Bank of England Governor Andrew Bailey, who currently chairs the Financial Stability Board, formally requested an Anthropic briefing. The Bank of Canada, the UK Financial Conduct Authority, the UK National Cyber Security Centre, and the European Central Bank have all convened emergency briefings. CrowdStrike’s 2026 Global Threat Report shows AI-enabled attacks rose 89% year-over-year in 2025 — a number that predates Mythos’s emergence and is widely expected to climb further.

What Anthropic is doing about it

To its credit, Anthropic recognised what it had built and restricted access rather than ship widely.

Mythos has not been released publicly. Instead, the company launched something called Project Glasswing, giving controlled preview access to a small group of major tech and financial institutions — including Amazon, Apple, Google, Microsoft, JPMorgan Chase, Nvidia, Cisco, Broadcom, and CrowdStrike — along with around 40 other organisations responsible for critical software infrastructure.

The idea is to put the model into the hands of defenders before attackers acquire equivalent tools. Glasswing partners use Mythos to scan and harden their own systems and critical open-source code, sharing findings across the participating industry.

This is, by any honest measure, unusual for an AI company. The competitive incentive in commercial AI is to release more capable models faster. Anthropic is doing the opposite — restricting access to its most capable model, despite the obvious business cost, on the grounds that the offensive capability is genuinely dangerous if widely available.

Not everyone agrees with this approach. David Sacks, co-chair of the U.S. President’s Council of Advisors on Science and Technology, warned in Bloomberg’s coverage that without public demonstrations of the threats Mythos can identify, the company faces “a serious credibility problem.”

What happens next

The Financial Stability Board is expected to release a draft report on robust practices for AI in financial systems in the third quarter of 2026, with public consultation to follow.

The deeper question, the one nobody yet has a confident answer to, is whether the global defensive effort is moving fast enough. Mythos exists. Other AI labs are building models of similar capability. The genie does not go back into the bottle.

What the next year or two looks like depends on something genuinely uncertain — whether the world’s defenders can harden the most important systems faster than attackers can acquire similar tools. The emergency meetings, the FSB briefings, the Glasswing initiative are all bets on the answer being yes.

It is, for the first time in a long time, a real question.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Make Tech Easier Editorial Team Avatar
Make Tech Easier Editorial Team
The Make Tech Easier Editorial Team produces content on tech tutorials, software guides, and practical solutions for everyday computing problems. We work alongside our team of named tech writers whose individual bylines appear on their work. Articles under this byline reflect collective editorial work. Make Tech Easier takes editorial responsibility for content under this byline. For more on how we work, see our editorial guidelines.

Read next

The U.S. Army has officially pushed “jailbroken” software updates to active weapon systems in the Middle East — a frantic, 30-day tactical sprint designed to strip away manufacturer code restrictions so legacy anti-drone cameras and missile radars can finally talk to each other
Five years ago, a group of researchers walked out of OpenAI over safety concerns to build a quiet rival named Claude — and after a historic $65 billion funding round that valued the company at $965 billion, those ex-employees have officially leapfrogged their former bosses to create the most valuable AI startup on Earth
OpenAI has launched a massive $4 billion corporate engineering initiative called “DeployCo” to embed elite developers directly into global banks and enterprises — a quiet, aggressive push to replace traditional software workflows with custom, domain-specific AI networks that operate entirely on their own
A breakthrough in solid-state lithium-sulfur batteries has quietly achieved double the energy density of standard EV batteries — a quiet laboratory victory that could finally eliminate “range anxiety” and cut the weight of electric cars in half
The Ediacaran fossil beds of the Flinders Ranges in South Australia preserve animals from 550 million years ago that predate the Cambrian explosion — soft, frond-like creatures with no mouths, no guts, and no clear relationship to any living group, suggesting a first experiment in complex multicellular life that simply ended and was replaced
When the Apollo 11 astronauts came back, they had to sign a customs declaration on landing in Hawaii — the cargo listed as “moon rock and moon dust samples,” with the departure point given as the Moon
MacBook sitting on desk.
Apple Investing Billions in the U.S. for Manufacturing and AI
Shopping cart with lithium batteries.
Researchers Developing Refillable Lithium Batteries