US Treasury and Fed officials urged top Wall Street banks to test Anthropic’s Mythos AI model
Project Glasswing grants restricted access to lenders like JPMorgan and Goldman Sachs for security probing
The model can autonomously chain vulnerabilities and exploit browser data between different websites
US Authorities Urge Wall Street Banks to Test Anthropic Mythos AI for Cyber Defense
US Treasury and Fed officials met with top banks to encourage the use of Anthropic’s Mythos AI model for security probing
US Authorities Urge Wall Street Banks to Test Anthropic Mythos AI
Summary
Advertisement
US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell have urged major Wall Street banks to test Anthropic’s new Mythos AI model for finding security weaknesses, Bloomberg reported.
At a meeting with top banking executives held on short notice at the US Treasury headquarters in Washington, DC, officials reportedly encouraged banks to use the model to probe their own systems and strengthen defences. The participating institutions are systemically important lenders whose stability is critical to the broader financial system.
Which Banks Participated?
Although JPMorgan Chase was the only bank publicly named as an initial partner with access to the Mythos model, other major institutions, including Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley, are also reportedly testing it internally.
Officials did not cite any specific threat to banks, but the message was clear: financial institutions should prepare for a new generation of cyberattacks and assess whether AI tools can help detect vulnerabilities before attackers do.
Advertisement
Anthropic’s Mythos Model
Anthropic introduced the Mythos model this week but said access would remain limited due to its unusually strong ability to identify security flaws, despite not being specifically trained for cybersecurity.
The company has restricted access to a small group of organisations, including JPMorgan, Amazon, and Apple, under its “Project Glasswing” initiative, which aims to secure critical systems before similar tools become widely available. Anthropic also said it discussed the model’s offensive and defensive cyber capabilities with US officials prior to its release.
According to the company’s internal testing, the model was able to identify and potentially exploit browser vulnerabilities, including methods that could allow one website to access data from another, such as a banking platform. Anthropic said the model could autonomously discover ways to extract information across multiple browsers and chain together vulnerabilities that human hackers might find difficult to combine.
Advertisement
Anthropic-Pentagon Conflict
The outreach from Bessent and Powell comes at a time when Anthropic is also engaged in a legal dispute with the administration of Donald Trump over a Pentagon designation that labels the company as a supply-chain risk. Separately, regulators in the United Kingdom are reviewing the potential risks posed by the model.
The episode reflects growing regulatory urgency around AI-driven cyber threats, even as banks already face capital requirements tied to operational risks such as cyberattacks, legal liabilities, and employee misconduct.