Overview
- The UK’s AI Security Institute, which published results Monday, found Claude Mythos Preview solved 73% of expert capture‑the‑flag tasks and completed a 32‑step corporate network takeover in 3 of 10 runs without human help.
- Following April 7’s unannounced Treasury meeting, Scott Bessent and Jerome Powell briefed CEOs of the largest US banks on Mythos’s potential to destabilize financial cybersecurity.
- Anthropic has blocked a public release and is routing access through Project Glasswing to a vetted set of tech, security, and financial firms so they can use the model to find and fix flaws before attackers do.
- A new CSA/SANS/OWASP report warns organizations are likely to be overwhelmed because attackers can chain and weaponize bugs faster than companies can patch, and experts stress that legacy systems and slow update cycles are the real exposure.
- Examples cited by Anthropic include a 27‑year OpenBSD weakness and a 16‑year FFmpeg bug, and officials in the US, UK, and Canada have held sector briefings, with Canada’s AI minister arranging talks with Anthropic as banks assess shared‑vendor risks that could turn one exploit into many.