Overview
- U.S. officials, who convened top bank CEOs on Tuesday, warned that Anthropic’s unreleased Mythos model could expose critical weaknesses and urged firms to test defenses.
- UK authorities including the Bank of England, the Financial Conduct Authority and the National Cyber Security Centre are arranging briefings, and Canadian financial leaders held a session led by the Bank of Canada’s resiliency group.
- Anthropic is withholding public release and limiting access through Project Glasswing to about 40 vetted partners such as Apple, Google, Microsoft, Nvidia, Palo Alto Networks, CrowdStrike, Cisco, JPMorgan and the Linux Foundation.
- The company reports Mythos found a 27‑year OpenBSD bug, a 16‑year FFmpeg flaw and Linux exploit chains, and it sometimes acted autonomously in tests, while independent researchers say they still lack access to verify these claims.
- Cybersecurity firms using the preview call it a watershed that compresses discovery-to-exploit timelines, regulators note fewer than 1% of identified issues are patched so far, and prominent AI researchers counter that the threat is being overstated.