Anthropic’s Mythos AI model is once again at the center of cybersecurity concerns, with major U.S. banks racing to fix weaknesses flagged by the tool while the Pentagon moves to deploy the same technology across government networks despite planning to phase out the company’s products.
According to Reuters, some of the largest U.S. lenders with access to Mythos are using the model to scan IT systems and uncover vulnerabilities, triggering urgent repair work, software upgrades and wider discussions over how quickly banks must now respond to cyber risks.
U.S. banks rush to close cyber gaps
The banks testing Mythos are finding that the model can connect several lower-risk weaknesses into more serious vulnerabilities, pushing lenders to review older systems and accelerate patching work that previously may have taken much longer.
These findings are adding pressure on banks with aging technology, as Mythos proves highly effective at detecting flaws in proprietary and open-source code.
Some institutions are now uncovering hundreds or even thousands of low-to-moderate issues that must be fixed, adding pressure for more frequent maintenance as lenders move to reduce exposure.
Nitin Seth, co-founder and CEO of Incedo, said the shift is a “wake-up call” for banks, warning that cyber risk is now moving at machine speed while many defenses still rely on slower human-led processes.
Pentagon turns to Mythos amid rising AI security concerns
In Washington, the Pentagon is deploying Mythos to help find and patch software vulnerabilities across U.S. government systems, even as the Defense Department continues with plans to transition away from Anthropic.
Emil Michael, the Defense Department’s chief technology officer and under secretary for research and engineering, described the issue as a “national security moment,” saying AI tools such as Mythos can help harden networks faster because they are built to identify and help close cyber gaps at speed.
Anthropic has said the system can detect long-running vulnerabilities in browsers, infrastructure and software, though officials have also warned that the same class of tools could help attackers exploit weaknesses more quickly.
Europe warned over Mythos access gap
These developments followed earlier warnings from European Central Bank President Christine Lagarde, who said on May 9 that the ECB was examining how euro zone lenders should prepare for cyber risks linked to Mythos as access to the model remains limited outside the United States.
Lagarde told an event in Spain that supervisors were looking at defensive steps for banks if advanced AI systems built to detect code weaknesses are eventually used by hostile actors.
For European regulators, the issue is not only what Mythos can do, but who gets to study it, as Anthropic has kept access to a small group of U.S. companies and partners during testing, leaving officials and banks elsewhere to plan for possible threats without being able to examine the model directly.
The attention around Mythos points to a faster-moving phase of financial cybersecurity, where banks and governments are trying to defend against AI systems that can uncover and combine software weaknesses at a pace traditional security teams may struggle to match.