Bessent and Powell warned bank CEOs about security risks from Anthropic's powerful new AI model

Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell summoned bank CEOs to an urgent meeting this week to warn about the cybersecurity risks associated with Anthropic's powerful Mythos AI model, according to reports.

Bloomberg, citing unnamed sources, reports that the CEOs present included Citigroup $C's Jane Fraser, Morgan Stanley $MS's Ted Pick, Bank of America $BAC's Brian Moynihan, Wells Fargo $WFC's Charlie Scharf, and Goldman Sachs $GS' David Solomon. JPMorgan $JPM Chase CEO Jamie Dimon was unable to attend, according to Bloomberg and Reuters. All the banks are classified as systemically important by regulators.

The session at the Treasury building on Tuesday sought to prompt financial institutions to understand what Mythos and comparable models could mean for their exposure to attacks and to put adequate defenses in place, Bloomberg and Reuters report.

When Anthropic revealed Mythos earlier this week, the company chose not to make it publicly available, pointing to the risk that the model might surface cybersecurity weaknesses that had not previously been identified. Anthropic has publicly described Mythos as able to locate and take advantage of security gaps in all of the dominant operating systems and browsers currently in use.

Anthropic restricted Mythos to 12 launch partners through an initiative called Project Glasswing, committing up to $100 million in usage credits for defensive security work. Launch partners include Amazon $AMZN Web Services, Apple $AAPL, Broadcom $AVGO, Cisco $CSCO, CrowdStrike $CRWD, Google $GOOGL, JPMorgan, the Linux Foundation, Microsoft $MSFT, Nvidia $NVDA, and Palo Alto Networks $PANW. More than 40 additional organizations that build or maintain critical software infrastructure also received access. Reuters reported that access is limited to about 40 technology companies including Microsoft and Google, while Bloomberg reported that Amazon and Apple are among the restricted recipients; the sources differ on the precise composition of that group.

During testing, Anthropic used Mythos to identify thousands of zero-day vulnerabilities across major operating systems and browsers, including a flaw dating back 27 years in OpenBSD and a vulnerability in the video processing library FFmpeg that had gone undetected across five million passes by automated testing tools. Anthropic has noted that no specialized cybersecurity training went into building Mythos — its ability to find vulnerabilities stems from general advances in coding and reasoning.

Anthropic has acknowledged holding discussions with federal officials — including conversations that took place before Mythos was released — covering what the model can do both to attack and to defend digital systems. One person with knowledge of those efforts said Anthropic reached out to senior figures in government and across relevant industries before going public with the model.