Anthropic's Mythos model can find zero-day vulnerabilities in every major operating system. Europe's banking regulators believe they need it to defend their institutions. The White House disagrees — while Washington quietly uses it for itself.
Anthropic unveiled Mythos on 7 April. The capability description does not undersell it. Mythos Preview is a frontier AI model whose coding capability has crossed a threshold that security researchers treat as qualitatively different: it can identify software vulnerabilities at a speed and depth that surpasses all but the most elite human researchers.
The evaluation numbers are specific. Thousands of high-severity vulnerabilities were found across major operating systems and browsers within days of testing. Among them: a 27-year-old bug in OpenBSD that had survived decades of independent security review; a 16-year-old remote code execution flaw in FreeBSD; and 271 separate Firefox vulnerabilities, each patched by Mozilla after a single Mythos evaluation pass.
Cryptographer Bruce Schneier and other analysts writing on the model's strategic implications have reached a clear conclusion: a model with these capabilities, deployed offensively, gives attackers a structural advantage that defenders cannot match without equivalent access. The corollary is direct — defenders without comparable access are now meaningfully behind.
That is the calculation Europe's banking supervisors have been running. Germany's Bundesbank moved first in late April, publicly calling on the EU to demand access to Mythos, arguing that without it European banks cannot realistically stress-test their own infrastructure against threats an adversary with the model could mount.
The ECB, meanwhile, convened calls with chief risk officers at eurozone lenders and began collecting data on how banks are preparing for AI-powered cyberattacks. ECB president Christine Lagarde acknowledged Anthropic as a responsible operator while noting that the model "in the wrong hands could be really bad." The Eurogroup — the informal meeting of euro-area finance ministers — convened specifically on 4 May to discuss the access question. It concluded without an answer.
Beyond the eurozone, Switzerland's FINMA took a different angle: it warned that immediate, broad Mythos access would itself pose a systemic risk — not because the model is malicious, but because deploying offensive-grade security capability without the defensive infrastructure to handle its outputs could overwhelm banks' existing incident-response systems. The IMF's managing director Kristalina Georgieva told reporters at the Fund's spring meetings that the international monetary system "does not yet have the protections it would need against a sustained AI-augmented cyber-incident."
The Trump administration's position rests on two arguments. First, a model capable of writing exploits cannot, by definition, be safely distributed. Second, the infrastructure required to support a wider rollout — cleared facilities, access controls, monitoring — does not yet exist for the expanded user base Anthropic is proposing.
Both arguments are internally coherent. What makes them awkward is the context. The National Security Agency is already using Mythos under arrangements that predate the public dispute. The US Treasury has separately requested access to find flaws in its own systems. The Pentagon has, in a related procurement matter, designated Anthropic a supply-chain risk. The administration's posture is, in practice, restrictive on outward distribution and permissive on its own access — a position that is strategically defensible but difficult to explain to NATO allies who would, in any conventional intelligence relationship, expect to be on the inside of such an arrangement.
That asymmetry, more than the model itself, is what has generated the European reaction.
A separate development has added pressure to the debate. Reporting confirmed that a group had already gained unauthorized access to Mythos through a third-party contractor who had legitimate model access. The group has been using it — reportedly not for active hacking, since detection would end that access. But the implication is plain: Mythos capabilities are not contained within official access controls. They are already available to actors outside any formal oversight framework.
For European regulators arguing that they need access to defend their institutions against exactly these threats, the logic is pointed. The model is out. The only question is who can use it legally — and who is using it anyway.
The Mythos dispute is, at one level, a familiar technology-access argument dressed in AI language. At another level it reflects something more consequential: the gap between the pace of AI capability development and the speed at which international frameworks for sharing — or restricting — those capabilities can be built. European banks are being asked to defend against threats they cannot simulate, using tools they cannot access, on timelines set in Washington. That is a structural problem a single Eurogroup meeting will not resolve.
.png)
.png)
.png)
