U.S. banks are rushing to fix scores of IT vulnerabilities uncovered by Anthropic's powerful new AI tool, Mythos, prompting urgent repairs, software upgrades, and potential service disruptions.
Mythos, currently accessible only to a handful of the country's largest lenders, is exposing weaknesses in both proprietary and open-source code. Banks are discovering that the model is expert at chaining together low-risk vulnerabilities into high-risk threats, forcing them to patch systems in days instead of weeks.
"This is a wake-up call because cyber risk is moving to machine speed, while much of bank defense still operates at human speed," said Nitin Seth, co-founder & CEO of Incedo.
Smaller banks without direct access are being alerted by larger institutions. High cost remains a barrier: Mythos costs $25 per million input tokens and $125 per million output tokens-five times more expensive than Anthropic's Opus model. However, Anthropic is providing $100 million in credits through its Project Glasswing initiative.
JPMorgan Chase, Goldman Sachs, Citigroup, Bank of America, and Morgan Stanley are among the banks with access. Anthropic leader Mike Krieger said pricing balances safety and business needs: low enough to encourage adoption, high enough to fund operations.
Adam Meyers of CrowdStrike said his team spent an entire weekend building a methodology to harness Mythos effectively. A senior bank regulator said the tool is as powerful as anticipated, adept at connecting dots faster than humans.
Consultants caution all banks to shore up defenses. "The backbone of the banking sector is technology," said Bernard Montel of Tenable. "Disruptions hit at the core of the business."