Experts Warn Anthropic’s Mythos AI Could Accelerate Cyberattacks on Banks

Anthropic’s newly unveiled AI model, Mythos, is raising alarms among cybersecurity experts and financial institutions, who warn that its advanced capabilities could significantly increase the scale and sophistication of cyberattacks—particularly in the banking sector.

A Powerful AI Model with Offensive Potential

Announced on April 7, Mythos is described as Anthropic’s most advanced model for coding and agentic tasks, with the ability to autonomously analyze systems, identify vulnerabilities, and generate exploit strategies.

Security experts say these capabilities could dramatically lower the barrier for launching complex cyberattacks.

According to industry analysts, Mythos can assess entire IT environments—including legacy infrastructure—and uncover vulnerabilities that may have gone undetected for years.

Banking Sector Faces Heightened Risk

The financial services industry is considered especially vulnerable due to its reliance on complex, interconnected systems that combine modern platforms with decades-old technologies.

“Legacy infrastructure introduces hidden vulnerabilities that advanced AI models can now surface at scale,” said TJ Marlin of Guardrail Technologies.

Many banks also depend on shared vendors and standardized systems for core functions such as onboarding, compliance checks, and transaction processing—creating systemic risk.

“Because banks use similar technology stacks, a single exploit could have widespread impact,” noted Naresh Raheja, a former regulator.

Potential for Large-Scale Impact

Experts warn that AI-driven attacks powered by models like Mythos could act as a “force multiplier,” enabling attackers to:

• Identify vulnerabilities across multiple systems simultaneously
• Exploit weaknesses faster than organizations can patch them
• Launch coordinated attacks across interconnected institutions

A recent briefing by the Cloud Security Alliance described Mythos as a “step change” in AI capability, reducing both the cost and expertise required to discover and exploit critical vulnerabilities.

Discovery of Critical Vulnerabilities

Anthropic researchers reported that Mythos identified thousands of high- and critical-severity vulnerabilities across major operating systems and web browsers.

Among its findings were:

• A long-standing vulnerability in the widely used FFmpeg software library
• A flaw in a virtual machine monitor system designed to isolate computing environments

Such discoveries highlight the model’s ability to uncover deeply embedded weaknesses in widely deployed technologies.

Industry and Government Response

Governments in the United States, Canada, and the United Kingdom have already engaged with financial institutions to assess the risks posed by advanced AI models.

The U.S. Treasury has encouraged banks to anticipate emerging threats and strengthen their cybersecurity strategies accordingly.

Meanwhile, Anthropic has limited access to Mythos through a controlled initiative known as Project Glasswing, allowing select organizations—including JPMorgan Chase—to evaluate the model and develop defensive measures.

Rethinking Cybersecurity Strategies

The emergence of models like Mythos is prompting calls for a fundamental shift in cybersecurity approaches.

Experts suggest organizations will need to:

• Strengthen vulnerability management and patching processes
• Enhance monitoring of legacy systems
• Improve collaboration across industry and government
• Adopt AI-driven defensive tools to counter AI-powered threats

A Turning Point for Cybersecurity

As AI capabilities continue to evolve, the line between defensive and offensive use is becoming increasingly blurred.

For banks and other critical infrastructure sectors, the challenge will be not only adopting AI for innovation—but also defending against its potential misuse.