Claude Mythos Preview Spooks UK Bankers, Forces Regulators to Act

I was on a late call when a quiet admission landed: an AI had found holes that professionals had missed for decades. You felt the room contract—sudden, measurable fear. I told them that this was not a hypothetical anymore.

Claude Mythos Preview Has Officially Frightened the British — Bankers and bank regulators are scrambling to figure out what to do.

I want you to keep two facts in your pocket: Anthropic’s Project Glasswing claims the model can spot ancient bugs, and U.K. financial authorities have moved this from “technology problem” to “systemic risk.” I’m writing from inside that escalation, and I see two camps forming: people who think Anthropic overstated the danger, and people who treat the claim as an emergency.

Anthropic’s red team write-up says the Claude Mythos Preview model can identify and exploit zero-day vulnerabilities across major operating systems and web browsers, including a 27-year-old bug in OpenBSD. The claim is specific enough to make compliance officers lose sleep and vague enough to keep independent researchers guessing—because outside researchers have not been given broad access to verify the findings.

A regulator in the room tapped the slide deck and sighed. How dangerous is Claude Mythos Preview?

At a Planning Group meeting, people spoke in measured tones and used the word “risk” a lot. I say this plainly: the danger is not the model’s intent but its capability. If an AI can reliably surface subtle, long-hidden bugs, it becomes a precision tool for attackers and defenders alike.

Anthropic frames Project Glasswing as a warning shot. The Bank of England, the Financial Conduct Authority, His Majesty’s Treasury, and the National Cyber Security Centre have convened—this is no routine meeting. The U.K.’s Cross Market Operational Resilience Group, which includes senior figures from the Bank and the FCA, bumped this topic to the top of its list.

You should note the split among experts: rationalist commentator Zvi Mowshowitz says Anthropic mixed solid findings with hype; Yann LeCun has been posting that Mythos isn’t the boogeyman everyone fears. I sit between those views: I trust rigorous testing, and until independent teams can run the model under controlled rules, you have to treat Anthropic’s claims like a live lead in a trial—promising, but not yet proven.

The model’s power is best pictured like a locksmith with a skeleton key—able to find the tiniest latch you forgot existed.

A security analyst opened an email from Anthropic with a screenshot of test output. Can Claude Mythos find and exploit zero-day vulnerabilities?

The screenshot showed a patch history and an exploit path; the analyst paused before forwarding it. Anthropic’s post says Mythos Preview can identify and then exploit zero-day flaws across every major OS and browser they’ve tested.

Zero-days are valuable because they’re unknown to the vendor; an AI that can spot them quickly turns research into a scalpel. The company reported finding subtle bugs, some a decade or two old. That 27-year-old OpenBSD bug they mentioned is a headline-grabber because OpenBSD is known for security—if Mythos found that, the model’s discovery vector matters.

But discovery is not the same as weaponization. Exploit chains require context, privileges, and timing. Still, if Mythos can propose viable exploit sequences, a single path can be a match in a dry forest: it only takes one successful chain to light up critical infrastructure.

Anthropic’s controlled release model—Project Glasswing—was pitched as pre-emptive disclosure. Critics argue the firm amplified the danger to force attention; supporters say they did the responsible thing by warning defenders. Until independent groups run the model under governance, the technical claim remains an alarm that demands verification.

A minister put out a calendar invite that read “urgent” and left the room. What are U.K. regulators doing about Anthropic’s model?

The calendar invite exists. The NCSC, Treasury, FCA, and the Bank are holding urgent discussions and planning a meeting “in the next fortnight,” according to the Financial Times. This is tangible action, not PR theater.

Options on the table include targeted guidance for banks, mandatory threat-hunting exercises, stricter incident reporting rules, and requiring third-party audits of models that claim high exploit potential. The Cross Market Operational Resilience Group will be a central forum because a cyber event that hits banks can cascade into markets fast.

I advise you to watch three practical cleavages: (1) access controls—who gets to run the model; (2) verification—who is allowed to reproduce and test Anthropic’s claims; and (3) legal exposure—what liabilities firms face if an AI-aided exploit harms customers or infrastructure. Right now regulators are weighing those levers while trying to balance innovation and public safety.

There is a policy gap: technology moves faster than policy workstreams. If you are in finance or on a board, push for concrete test plans and cross-industry collaboration rather than quiet reassurances. If you are a researcher, press for controlled access so independent validation can happen.

Anthropic has raised a rotten, useful question: how do we treat an AI that can point out the traps we forgot to check? Are we going to treat it like a tool for defenders, or a loaded gun that needs to be locked away before the wrong hands find the key?