Your bank is being patched at emergency speed right now, and you probably have no idea why.

Anthropic’s Mythos — the AI model so dangerous it was never publicly released — is ripping through Wall Street’s cybersecurity posture like a chainsaw through wet paper. US banks are uncovering thousands of vulnerabilities they never knew existed. Japan’s three largest banks just got access. And the cybersecurity community is arguing about whether any of this is actually new.

Welcome to the age of machine-speed security debt.

The Model Banks Didn’t Want to Run (But Had To)

When Anthropic announced Mythos in April and immediately refused to release it, that should have been the first warning sign. This isn’t a model that writes better emails or generates prettier images. Mythos finds security vulnerabilities — specifically, the kind that human auditors miss.

The magic trick is chain attacks. Mythos takes a handful of individually harmless flaws and stitches them into serious, exploitable weaknesses. A forgotten API endpoint here, a misconfigured permission there, a legacy library nobody’s updated since 2019 — on their own, each is a yawn. Together, they’re a door.

Through Project Glasswing, Anthropic gave controlled access to JPMorgan Chase, Goldman Sachs, Citigroup, Bank of America, Morgan Stanley, and a handful of tech giants. What they found was, to put it mildly, not great.

Hundreds to Thousands of Problems Nobody Knew About

Multiple sources told Reuters that banks running Mythos are discovering between several hundred and several thousand vulnerabilities classified as low to moderate risk. The volume alone is staggering, but the real problem is the connections.

Human security teams look at individual bugs. Mythos looks at systems. It sees how five “acceptable risk” flaws combine into one critical exploit path. As Incedo CEO Nitin Seth put it: “Cyber risk is moving to machine speed, while much of bank defense still operates at human speed.”

Banks that used to take weeks to patch moderate vulnerabilities are now doing it in days. Legacy systems — the decades-old proprietary code running on end-of-life software that every bank has but nobody wants to talk about — are getting the hardest hits. For an industry famously built on duct tape and COBOL, this is a reckoning.

Japan Is Next

The story went international this week. Japan’s three megabanks — Mitsubishi UFJ, Sumitomo Mitsui, and Mizuho — are getting Mythos access by end of May, making them the first Japanese institutions in the program. The deal came through diplomatic channels, with US Treasury Secretary Scott Bessent reportedly informing the banks during meetings in Tokyo.

Japan’s Finance Minister responded by announcing a public-private cybersecurity working group. Translation: Tokyo is bracing for exactly the kind of emergency patching sprint that’s currently consuming Wall Street.

Europe is likely next. Banks there have already been in contact with regulators about Mythos access. This thing is going global.

The $25-Per-Million-Token Problem

Here’s the uncomfortable part. Mythos charges $25 per million input tokens and $125 per million output tokens — five times the cost of Anthropic’s top public model. Beyond price, smaller banks don’t have the compute to run it.

The result is a two-tier security system. JPMorgan knows exactly where its vulnerabilities are. Your local credit union does not. Anthropic pledged $100 million in credits and the big banks are sharing findings, but the knowledge gap is real and growing.

Anthropic points smaller firms toward Claude Security, a more affordable scanning product. But “more affordable” and “equally capable” are very different things.

Or Is This All Just Marketing?

Not everyone’s buying the hype. Cybersecurity firms watchTowr and Vidoc told CNBC that Mythos’s vulnerability discoveries can be reproduced using existing public models through clever orchestration — splitting code into smaller pieces and coordinating multiple AI tools to cross-check results.

“What we are seeing across the industry now is that people are able to reproduce the vulnerabilities found with Mythos through clever orchestration of public models,” said watchTowr CEO Ben Harris.

Vidoc CEO Klaudia Kloc went further, noting the capability to detect zero-days at scale has existed “for a couple of months, if not a year.”

The cynical read: Anthropic packaged existing capabilities into a product that finally got bankers to pay attention. The pragmatic read: it doesn’t matter whether the fire alarm is new if the building was actually on fire. Banks are fixing things they should have fixed years ago. Sometimes the messenger matters as much as the message.

OpenAI isn’t sitting this one out, either. Sam Altman announced GPT-5.5-Cyber weeks after Mythos dropped, with limited access for vetted security teams. The AI cybersecurity arms race is officially on.

What This Means for Your Money

If your banking app goes down unexpectedly in the coming weeks, Mythos might be why. Banks are taking systems offline to apply fixes, and “more frequent maintenance windows” is the polite way of saying “things might break.”

More broadly, we’ve crossed a threshold. AI models now find vulnerabilities faster than humans can patch them. That’s true for banks, but it’s also true for hospitals, utilities, and government agencies — anyone running complex software infrastructure.

The UK’s AI Security Institute called Mythos “tangible evidence of the disruptive capabilities of advanced AI.” A joint letter to business leaders warned that AI capabilities will “rapidly increase” over the next year.

And despite Anthropic’s restricted access, unauthorized users reportedly gained access to Mythos through private online forums. If the capabilities can be approximated with public tools anyway, the genie’s already out.

The New Baseline

One banking source described the situation perfectly: rapid, continuous AI-driven security testing is now “the new baseline rather than a one-time exercise.”

Banks aren’t running Mythos once and filing a report. They’re integrating it into operations. The era of letting moderate vulnerabilities sit for weeks is over — not because anyone suddenly got more responsible, but because an AI showed up and made ignoring them impossible.

The question isn’t whether AI will transform cybersecurity. That’s done. The question is whether institutions can adapt fast enough to keep up with what these models are finding.

Based on the current scramble? Barely.