Anthropic's Claude Mythos Finds Thousands of Zero-Day Vulnerabilities, Prompting Fed to Convene Bank CEOs

Anthropic's Claude Mythos Preview, an AI model not yet publicly released, has found thousands of previously unknown zero-day vulnerabilities across every major operating system and web browser, including a 27-year-old bug in OpenBSD and a 17-year-old remote code execution flaw in FreeBSD. Federal Reserve Chair Jerome Powell and Treasury Secretary Scott Bessent convened a meeting with major US bank CEOs to discuss the cyber risks. Anthropic CEO Dario Amodei warned of a six-to-twelve month window before adversaries replicate the capability. The IMF flagged AI-powered cyber threats to the global banking system. Mozilla used Mythos to fix 423 security bugs in April, up from 25 in January. Anthropic is limiting access to approximately 40-50 partners through 'Project Glasswing' and does not plan to make Mythos generally available. OpenAI responded by releasing GPT-5.4-Cyber for vetted security teams.