Treasury and Fed flag Anthropic cyber risks

Scott Bessent and Jerome Powell pulled top Wall Street bank chiefs into an urgent meeting in Washington this week because they were worried Anthropic’s newest model could make cyberattacks easier and faster. People familiar with the discussion told Bloomberg and Reuters the warning centered on Anthropic’s latest system, called Claude Mythos Preview. (bloomberg.com) (reuters.com) Anthropic launched Claude Mythos Preview on April 7, 2026, but did not put it on the open market. The company said it would give access only to a select group of companies and more than 40 organizations that maintain critical software infrastructure. (anthropic.com) (cnbc.com) The reason for the lock on the door is simple: Anthropic says Mythos is unusually good at finding software weaknesses. A model that can spot hidden cracks in code for defenders can also hand attackers a map of where to break in. (anthropic.com) (cnbc.com) Anthropic packaged the rollout inside a cybersecurity program called Project Glasswing. The launch partners include Amazon Web Services, Apple, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, Nvidia, Palo Alto Networks, and the Linux Foundation, which shows this was aimed at critical infrastructure and big enterprise defense from day one. (anthropic.com) That is why the Treasury Department and the Federal Reserve were in the room. Big banks run on dense stacks of old and new software, and a tool that cuts the time needed to find exploitable bugs can turn a routine security problem into a system-wide operational risk. (reuters.com) (federalreserve.gov) Federal Reserve officials have been laying the groundwork for this for more than a year. In April 2025, Governor Michael Barr said generative artificial intelligence could help criminals scale fraud and cyberattacks, including deepfake impersonation and faster attack cycles against financial firms. (federalreserve.gov) Anthropic has been warning in parallel that some frontier models need handling rules closer to hazardous materials than to normal software releases. Its Responsible Scaling Policy uses “Artificial Intelligence Safety Levels,” a ladder modeled on biosafety rules, and the company says stronger models require tighter security and deployment controls. (anthropic.com 1) (anthropic.com 2) The new wrinkle is that the concern is no longer only about chatbots saying bad things or making mistakes. Bessent and Powell were talking to bank chiefs about cyber risk, which means regulators are treating advanced models as tools that can affect payment systems, customer accounts, and the day-to-day plumbing of finance. (bloomberg.com) (reuters.com) Anthropic’s own rollout shows the same logic. The company said Project Glasswing would use Mythos to scan and secure first-party and open-source systems, while keeping the model gated because broad release could expose previously unknown vulnerabilities to bad actors. (anthropic.com) (reuters.com) That leaves banks in a new position: they are not just buying artificial intelligence tools, they are being told by the country’s top financial officials to prepare for what happens when someone else’s model can probe their defenses at machine speed. The emergency meeting in Washington is the clearest sign yet that frontier artificial intelligence has moved from a tech policy debate into core financial stability planning. (cnbc.com) (bloomberg.com)