This is a developing story. NCT previously covered Anthropic co-founder Jack Clark’s confirmation of Trump administration talks about Mythos and The Guardian’s analysis of the safety-vs-marketing tension. Today’s developments represent a material escalation: internal safety warnings made public and the first confirmed government-level regulatory examination of the model.

A Bloomberg investigative feature published today reveals that Anthropic’s own safety experts warned internally that Mythos “could hack the systems beneath most modern computing” before the company decided to restrict the model’s release. The investigation details how Anthropic’s internal assessment led to the creation of Project Glasswing, the invite-only initiative that limits Mythos access to vetted institutions.

Hours after the Bloomberg feature went live, Reuters reported that German banks and national authorities are now formally examining risks posed by Mythos, citing an unnamed official who confirmed the review was prompted by concerns the model could fuel cyberattacks against financial infrastructure.

From Internal Warning to Regulatory Action in Nine Days

Anthropic announced Mythos on April 7, describing it as a model with “superhuman cybersecurity” capabilities that had identified thousands of high-severity vulnerabilities across every major operating system and web browser. The Mythos system card documented the model’s ability to autonomously discover and exploit zero-day vulnerabilities, including a 27-year-old flaw in OpenBSD and a 16-year-old vulnerability in FFmpeg that had evaded extensive automated testing.

By April 10, CNBC reported that Federal Reserve Chairman Jerome Powell and Treasury Secretary Scott Bessent had summoned banking CEOs for an emergency meeting about the model, according to Mashable’s reporting.

On April 13, Reuters documented cybersecurity experts warning that Mythos posed specific challenges to banking infrastructure because of legacy technology systems.

On April 15, Reuters reported the European Central Bank planned to quiz bankers about Mythos risks, and Bloomberg Opinion published an editorial arguing the threat extended well beyond banks.

Today’s Bloomberg investigation and the German regulatory response mark the crossing point: what started as a cybersecurity research announcement is now a financial infrastructure governance event with active government participation on both sides of the Atlantic.

The Infrastructure Layer Problem

The Bloomberg investigation’s key phrase, “the systems beneath most modern computing,” points to the specific threat architecture that distinguishes Mythos from previous AI security concerns. Mythos operates at the infrastructure layer: operating systems, firmware, hardware interfaces. According to the Mythos system card and reporting from Mashable, the model demonstrated the ability to “chain” multiple software bugs in the Linux kernel to achieve complete system control.

Logan Graham, head of Anthropic’s AI model defense team, told reporters the company “felt uncomfortable with a general release without adequate safeguards,” according to coverage compiled by QuantoSei News. Shane Fry, CTO of RunSafe Security, noted that “vulnerability discovery is outpacing patching,” warning that AI accelerates exploit discovery beyond realistic remediation rates.

Data from zerodayclock.com, cited in multiple reports, shows the time between a software flaw becoming public and a working exploit being built has dropped from an average of 771 days in 2018 to less than four hours today. Over 99% of the vulnerabilities Mythos has identified remain unpatched, according to Mashable.

The Governance Question for Agent Builders

For teams deploying autonomous AI agents in production, the Mythos disclosure changes the threat model. Every agent deployed this week by Cloudflare, Salesforce, OpenAI, and others runs on the same infrastructure layer that Mythos can reportedly compromise. Application-level security measures, from FIDO authentication to runtime trust layers, become conditional if the operating system beneath them is vulnerable.

Bloomberg has scheduled a Live Q&A for April 17 titled “Anthropic’s Mythos Ushers in Dangerous New AI Era,” signaling sustained coverage through the week.

The practical question for builders is not whether Mythos specifically will be used offensively. Anthropic restricted it precisely to prevent that. The question is how long until equivalent capabilities emerge in models without those restrictions, and whether patching velocity can match AI-accelerated vulnerability discovery before that happens.