- Treasury Secretary Scott Bessent and Fed Chair Jerome Powell summoned the CEOs of Citigroup, Goldman Sachs, Bank of America, Morgan Stanley, and Wells Fargo to an urgent, previously unreported meeting at Treasury HQ Tuesday over cybersecurity risks posed by Anthropic’s new Mythos AI model
- Anthropic has said Mythos can identify and exploit vulnerabilities in every major operating system and web browser — capabilities so alarming that Anthropic has restricted its initial release to a small group of major tech and finance firms including Amazon, Apple, and JPMorgan, under a program called “Project Glasswing”
- Regulators are treating the possibility of a new breed of AI-powered cyberattacks as one of the biggest systemic risks facing the global financial system; all banks summoned are classified as systemically important institutions whose stability is a global priority
- Anthropic has separately been fighting the Trump administration in court after the Pentagon labeled the company a supply-chain risk — a designation a federal appeals court declined to pause earlier this week
What Happened?
Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell arranged an urgent, short-notice meeting at Treasury headquarters in Washington on Tuesday, convening the chief executives of the country’s most systemically important banks to warn them about cybersecurity risks posed by Anthropic’s newly released Mythos AI model. Attending were the CEOs of Citigroup, Goldman Sachs, Bank of America, Morgan Stanley, and Wells Fargo; JPMorgan’s Jamie Dimon was unable to attend. The meeting — previously unreported — was designed to ensure that bank leadership is aware of potential new threats and is taking active precautions to harden their systems. Anthropic has described Mythos as capable of autonomously identifying and exploiting vulnerabilities across every major operating system and web browser when directed by a user to do so.
Why It Matters?
The convening of the Treasury Secretary and the Federal Reserve Chair for an emergency meeting with Wall Street CEOs over a single AI model is an extraordinary signal of how seriously regulators now view AI-enabled cyber risk as a systemic financial threat. Anthropic itself has recognized Mythos’s danger potential by limiting its initial release to a curated group of major technology and finance firms — Amazon, Apple, and JPMorgan — through a program called Project Glasswing, which is focused on securing critical systems before similar models become more widely available. The worry is not hypothetical: AI models that can autonomously find and exploit software vulnerabilities would represent a qualitative leap in offensive cyber capability, compressing attack timelines and enabling adversaries to target financial infrastructure at a scale and speed previously impossible. The fact that regulators are pre-emptively briefing systemically important banks suggests they believe the risk window is short.
What’s Next?
Anthropic has said it was in discussions with U.S. officials about Mythos’s offensive and defensive cyber capabilities prior to release. The Treasury and Fed have not publicly commented on the meeting. Financial institutions are now expected to accelerate their cyber-resilience assessments, particularly around operating system and browser vulnerabilities. Separately, Anthropic is engaged in an active legal battle with the Pentagon, which has labeled the company a supply-chain risk — a designation a federal appeals court declined to pause earlier this week. As more powerful AI models reach the market, the Bessent-Powell meeting may be a preview of a new kind of systemic risk governance that blends financial regulation with AI safety oversight.
Source: Bloomberg
