Finance chiefs warned on Anthropic risk

Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell called major bank chiefs into a special Washington meeting on Tuesday, April 7, to discuss cyber risks tied to Anthropic’s new Mythos model. (cnbc.com) The meeting took place at the Treasury Department while bank leaders were already in Washington for a Financial Services Forum board gathering, according to CNBC and Reuters. Bank of America’s Brian Moynihan, Citigroup’s Jane Fraser, Goldman Sachs’ David Solomon, Morgan Stanley’s Ted Pick and Wells Fargo’s Charlie Scharf attended; JPMorgan Chase chief executive Jamie Dimon did not. (cnbc.com) (channelnewsasia.com) Anthropic announced Claude Mythos Preview on April 7 as a gated research preview rather than a public release. The company said access is invitation-only and limited to defensive cybersecurity work under a program called Project Glasswing. (platform.claude.com) (anthropic.com) The model is built to read large codebases, find hidden software flaws and show whether those flaws can actually be exploited. Anthropic said Mythos Preview has found thousands of high-severity vulnerabilities, including some in every major operating system and web browser. (anthropic.com 1) (anthropic.com 2) Anthropic said the model’s capability jump was large enough that it chose not to make Mythos generally available. In its system card, the company described Mythos Preview as its “most capable frontier model to date” and said the release was restricted to a limited partner group. (anthropic.com) Project Glasswing’s launch partners include Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks. Anthropic said it is committing up to $100 million in usage credits and $4 million in direct donations to open-source security groups. (anthropic.com) CNBC reported that Anthropic briefed senior United States government officials before the launch on the model’s “offensive and defensive cyber applications.” The company told CNBC it has been in ongoing discussions with the Cybersecurity and Infrastructure Security Agency and the Center for AI Standards and Innovation about Mythos Preview’s cyber capabilities. (cnbc.com) Reuters, citing Bloomberg’s reporting, said the Bessent-Powell meeting was meant to make sure banks understood the risks from Mythos and similar models and were taking steps to defend their systems. The Federal Reserve declined to comment to CNBC, and the Treasury Department did not respond to CNBC’s request for comment. (channelnewsasia.com) (cnbc.com) Anthropic has framed the same capability as a defensive tool if it stays tightly controlled. In its Project Glasswing announcement, the company said the aim is to use models that can find and exploit bugs to secure banking systems, power grids, medical records and other critical software before attackers do. (anthropic.com) For now, the immediate fact is narrower than the online alarm around it: regulators have not announced a public enforcement action or a bank-specific incident. What they have done, on April 7, is bring the country’s biggest financial firms into the room and tell them to treat this new class of artificial intelligence cyber capability as a live risk. (cnbc.com) (channelnewsasia.com)