Too OP to Release: Powell and Bessent Tell Banks Their New AI Problem Finds Zero-Days Like It's Nothing

U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened a meeting with Wall Street bank CEOs this week to address cybersecurity risks tied to Anthropic's new artificial intelligence model, Mythos. Picture the most powerful cybersecurity tool ever built, and then imagine it decides whether to become a digital locksmith or a very polite houseguest who lets himself in and rearranges your furniture. That's Mythos for you.

Executives from Citigroup, Bank of America, Wells Fargo, Morgan Stanley, and Goldman Sachs attended the meeting. Officials discussed concerns about Mythos' advanced cybersecurity capabilities, which have drawn broad attention across the industry. The banking industry's response was roughly equivalent to discovering your newest employee can crack any vault in the world but hasn't signed a non-compete agreement.

The model surfaced online in March after draft materials leaked, revealing what Anthropic described as its most capable AI system yet. In testing, Mythos reportedly found thousands of previously unknown software vulnerabilities, including zero-day flaws across major operating systems and web browsers. Think of it as that one friend who shows up to a dinner party and casually mentions they've found four different ways to pick the lock on everyone's front door—while everyone's still trying to figure out if that was a flex or a threat.

"The same improvements that make the model substantially more effective at patching vulnerabilities also make it substantially more effective at exploiting them," Anthropic researchers wrote. In other words, it's the kind of Swiss Army knife that comes with a disclaimer and possibly a team of therapists.

Anthropic confirmed the existence of Claude Mythos Preview this week, its most capable model to date, and announced it won't be making the model available to the public. The reason isn't regulatory or related to internal safety thresholds—it's because Mythos is, frankly, too good at breaking into things. Sometimes the FUD isn't priced in yet because the product is literally too good at finding the exits.

In pre-release testing, the model autonomously discovered thousands of zero-day vulnerabilities, many of them one to two decades old, across every major operating system and browser. Yes, you read that correctly—decades-old bugs that survived multiple security audits and somehow persisted through every patch Tuesday since 2004 are now sweating bullets.

"Given the strength of its capabilities, we're being deliberate about how we release it," Anthropic said. "We consider this model a step change and the most capable we have built to date." Translated from corporate-speak: this thing hits different, and we're not about to let it loose on the internet like a degen with a new wallet address.

To address these risks, Anthropic is testing Mythos through Project Glasswing, a collaboration with major technology and cybersecurity companies that uses the model to identify and patch vulnerabilities in critical software before attackers can exploit them. It's basically a bug bounty program