Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an urgent meeting with Wall Street’s top executives last week to address systemic cyber risks posed by Anthropic’s new Mythos artificial intelligence model. According to American Banker and Outlook Business, this high-level summit underscored a growing concern among regulators that the advanced capabilities of Mythos could usher in a new era of cyber threats specifically targeting the stability of the global financial sector.
The transition from AI as a productivity enhancer to a potential autonomous threat marks a significant shift in the digital landscape, as tools like Mythos demonstrate the ability to exploit complex browser vulnerabilities. While the initial industry shock regarding the model’s power is beginning to subside, bank leadership is now under pressure to overhaul data governance and join defensive security consortiums to counter accelerated attack cycles. As reported by Bloomberg, the involvement of both the Treasury and the Federal Reserve signals that the government views these developments as a systemic threat rather than a localized technical issue, requiring a coordinated response from the nation’s largest financial institutions.
Strategic Coordination Between Federal Regulators and Financial Leaders
The meeting at the Treasury Department headquarters was organized on short notice, reflecting the perceived urgency of the Mythos release. Regulators summoned the chief executives of the nation’s most systemically important lenders, including JPMorgan Chase, Goldman Sachs, Citigroup, and Bank of America. This specific cohort of banks represents the backbone of the American financial infrastructure, where a single successful cyber exploit could have cascading effects across global markets.
White House national economic adviser Kevin Hassett confirmed that the primary objective of the gathering was to raise awareness regarding the specific cyber risks associated with next-generation AI models. By engaging the CEOs directly, the Treasury and the Federal Reserve aimed to ensure that the highest levels of bank management are prioritizing defensive measures. This top-down approach suggests that regulators believe the threat environment has evolved beyond the scope of traditional IT departments, now requiring executive-level strategic oversight.
The designation of these banks as “systemically important” is a critical factor in why they were the primary audience for this warning. Under federal guidelines, these institutions are subject to stricter oversight because their operational health is tied to the stability of the broader economy. The government’s decision to bring these specific leaders together implies that the Mythos model possesses capabilities that could bypass standard institutional defenses, potentially threatening the integrity of the entire financial network if one node is compromised.
Despite the high-stakes nature of the meeting, officials did not cite a specific, active threat or an imminent attack plan involving Mythos. Instead, the focus remained on preparing for a “new generation of cyberattacks” that utilize AI to discover vulnerabilities at speeds previously impossible for human actors. According to Outlook Business, the message from Secretary Bessent and Chair Powell was clear: financial institutions must assess whether they can utilize these same AI tools to find and patch their own security weaknesses before malicious actors can exploit them.
Technical Capabilities and Autonomous Exploitation Risks
Anthropic’s decision to withhold Mythos from the general public was a self-imposed safety measure rooted in the model’s demonstrated capacity for autonomous action. Unlike previous iterations of generative AI that primarily focused on text and image creation, Mythos is capable of identifying and exploiting security weaknesses across all major operating systems and web browsers. This functionality allows the model to perform complex tasks that simulate the behavior of a sophisticated human hacker but at a significantly higher scale and velocity.
The “autonomous” nature of the model is its most concerning feature for security experts. Mythos can chain multiple vulnerabilities together, a process where one minor flaw is used to gain the leverage necessary to exploit a second, more critical weakness. While human hackers often spend weeks or months mapping out these chains, an AI model can process these permutations in a fraction of the time. This capability was hinted at in Anthropic’s earlier release of the “computer use” feature for Claude 3.5 Sonnet, which allowed the AI to navigate interfaces and move cursors much like a human operator.
One specific technical threat highlighted by experts is the model’s vulnerability to “prompt injection” in a way that directly impacts system security. If the AI is used to browse the web or interact with external data, malicious instructions hidden on a website could potentially hijack the AI’s cursor or command functions. This creates a scenario where the AI, while performing a legitimate task for a bank employee, could be tricked into executing unauthorized transfers or revealing sensitive internal data without the user’s knowledge.
The operational impact of “cross-site” data access presents a particularly acute risk for the banking sector. In this scenario, the AI could potentially access data from one browser tab—such as a secure banking platform—while interacting with a malicious script in another. If the AI is capable of autonomous navigation across these environments, the traditional boundaries that keep financial data isolated from the open web could become porous. According to American Banker, this technical reality is what prompted the Treasury to emphasize the need for updated data governance frameworks that specifically account for AI-driven browser interactions.
Project Glasswing: Restricted Access and Defensive Testing Frameworks
To manage the risks associated with Mythos while still exploring its potential, Anthropic launched “Project Glasswing.” This initiative provides restricted access to the model for a select group of organizations, allowing them to conduct security testing in a controlled environment. The participants include major financial institutions like JPMorgan, as well as technology giants such as Amazon and Apple. By including infrastructure providers like Amazon and Apple, Anthropic is effectively testing the model’s impact on the cloud and hardware levels that banks rely on for their daily operations.
Michael Sellitto, an executive at Anthropic, has detailed several internal safeguards designed to prevent the model from being used for malicious purposes during this testing phase. These include automated classifiers that scan for harmful intent and monitoring systems that track the model’s activity in real-time. These guardrails are intended to ensure that even within the restricted group, the model cannot be weaponized against critical infrastructure or used to develop new malware without detection.
Furthermore, Anthropic has implemented strict usage restrictions for Mythos during the Project Glasswing phase. The model is currently prohibited from accessing government websites or social media platforms, reducing the risk of it being used for political interference or large-scale social engineering. These boundaries are designed to keep the model’s focus on technical security testing and defensive research, rather than allowing it to interact with the broader public internet where its autonomous capabilities could cause unforeseen harm.
The effectiveness of this “restricted access” strategy remains a point of debate among cybersecurity professionals. While it allows for the development of defensive tools, it also creates a period where only a few powerful entities have access to a potentially transformative technology. The goal of Project Glasswing is to identify and patch vulnerabilities before similar, less-controlled models are inevitably developed by other actors. However, this relies on the assumption that the safeguards within Project Glasswing are robust enough to contain a model that Anthropic itself has labeled as dangerous.
Evolving Federal Guidance and Legal Friction
The current warnings from the Treasury and the Federal Reserve are part of a broader regulatory trend regarding generative AI. In March 2024, the Treasury Department issued a report warning that AI tools were lowering the barriers to entry for unskilled cybercriminals. By automating the creation of phishing emails and basic malware code, generative AI has allowed a wider range of actors to launch effective attacks against financial institutions. Mythos represents an escalation of this trend, moving from assisting human criminals to potentially acting as an independent agent of exploitation.
This regulatory push coincides with significant legal and administrative tension between Anthropic and the U.S. government. Anthropic has recently been involved in a dispute over a “supply-chain risk” designation from the Pentagon. This designation suggests that the government views the company’s software as a potential liability to national security, a claim that Anthropic has contested. This friction highlights the complex relationship between the state and AI developers, where the government must balance its role as a regulator with its need to partner with these companies for defensive testing.
The dual role of the government as both an accuser and a partner is evident in how the Mythos rollout has been handled. While the Pentagon raises concerns about supply-chain risks, the Treasury and the Fed are actively encouraging banks to use Anthropic’s tools to harden their defenses. This suggests a fragmented approach to AI governance within the federal government, where different agencies prioritize different aspects of the technology’s impact on national security and economic stability.
For Wall Street, this regulatory environment creates a challenging landscape for compliance. Banks are being told to be wary of the risks posed by models like Mythos while simultaneously being urged to adopt them for defensive purposes. This necessitates a delicate balancing act where financial institutions must integrate advanced AI into their security stacks without inadvertently creating new vulnerabilities through the very tools they are using for protection.
Proactive Defense in the Age of Autonomous AI
The immediate reaction from Wall Street has shifted from initial alarm to a structured effort to understand the defensive applications of the Mythos model. Major banks are now moving from a state of shock to active probing, utilizing the restricted access provided by Project Glasswing to simulate attacks and identify weak points in their digital perimeters. This proactive stance is seen by regulators as the only viable way to counter a threat environment where cyberattacks can move at machine speed.
The partnership between Anthropic and the Treasury Department may serve as a template for how future “dangerous” AI releases are managed. By involving federal regulators and systemically important institutions before a general release, developers can create a buffer period for defensive preparation. However, the long-term success of this model depends on whether the defensive tools developed today can keep pace with the rapid evolution of autonomous AI capabilities. As financial institutions continue to test Mythos, the focus remains on ensuring that the stability of the global economy is not compromised by the next generation of digital innovation.
