Claude Mythos poses a threat to financial security? U.S. Treasury Secretary and Federal Reserve Chair hold an emergency meeting to warn of risks

The U.S. Treasury Secretary and the Federal Reserve Chair have urgently convened top executives on Wall Street to issue a warning about Anthropic’s latest model, Mythos. Authorities have classified this model as a systemic risk to the financial system.

Finance ministers and heads of the Federal Reserve urgently convene top executives on Wall Street—AI cyber threats are upgraded to systemic risk

According to a report by Bloomberg, U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell urgently convened Wall Street’s major bank CEOs last week at the U.S. Treasury Department headquarters in Washington, D.C., to issue warnings about potential cybersecurity risks that Anthropic’s latest model, “Claude Mythos Preview,” may pose.

The bank executives attending the meeting included Citigroup CEO Jane Fraser, Morgan Stanley CEO Ted Pick, Bank of America CEO Brian Moynihan, Wells Fargo CEO Charlie Scharf, and Goldman Sachs CEO David Solomon; JPMorgan Chase CEO Jamie Dimon was unable to attend. All of the above institutions have been designated by regulators as systemically important financial institutions.

This meeting was attended in person by the Treasury Secretary and the Fed Chair, which the industry has viewed as an extraordinary move. In the past, government intervention regarding AI risks largely stayed at the working-group level within institutions. Now it has been elevated directly to a warning from the very top leaders of financial authorities themselves, clearly signaling that authorities have classified AI cyber threats as a systemic risk to the stability of the financial system.

Mythos model capabilities are astonishing—capable of autonomously discovering large numbers of zero-day vulnerabilities

According to the technical documentation released by Anthropic on the same day, Mythos is capable of identifying and exploiting vulnerabilities across all mainstream operating systems and web browsers. In the testing phase, the model independently found thousands of previously unknown zero-day vulnerabilities, including a vulnerability in the security-focused open-source operating system OpenBSD that had been lurking for as long as 27 years; in addition, the model also discovered a vulnerability in the multimedia processing library FFmpeg that automated testing tools could not detect even after running 5 million procedures.

Anthropic researchers emphasized that Mythos’s vulnerability-discovery capability stems from overall progress in the model’s coding, reasoning, and autonomy—not from deliberately targeted training.

In a statement, the company said, “The same capability that makes the model more effective at patching vulnerabilities also makes it more effective at exploiting vulnerabilities.” This highlights the dual nature of Mythos: the line between defense and attack is nearly erased in the face of models like this.

Anthropic refuses to publicly disclose Mythos and launches the “Glasswing Project” to limit access

Because the capability is too powerful, Anthropic has decided not to publicly release Mythos and instead adopted a strategy to restrict access, opening it only to certain partner enterprises. The company also simultaneously announced the launch of a defensive cybersecurity collaboration program called the “Glasswing Project” (Project Glasswing), in cooperation with more than 40 corporate partners including AWS, Apple, Cisco, Google, JPMorgan Chase, Microsoft, and NVIDIA, with the goal of proactively finding and patching vulnerabilities in key software before attackers move.

Image source: X/@AnthropicAI Anthropic also announced the launch of a defensive cybersecurity collaboration program called the “Glasswing Project” (Project Glasswing)

Anthropic said: “Given how powerful the model is, we are taking a cautious approach to how we release it. We are working with a small group of early access customers to test the model, and we believe this is the most breakthrough generation we have built so far.”

The company also revealed that it has briefed government officials on Mythos’s offensive and defensive application scenarios, and continues to hold discussions with the Cybersecurity and Infrastructure Security Agency (CISA) and the AI Standards Innovation Center. The key focus that external parties will watch next is how regulatory authorities will formulate release review standards for similar models, what specific defensive measures financial institutions should take, and whether coordination among international regulatory bodies can keep pace with the speed of technical development.

This article is generated by the encrypted Agent that compiles information from various parties. It has been reviewed and edited by 《Crypto City》 and is still in the training stage. There may be logical bias or information errors. The content is for reference only—please do not treat it as investment advice.