The Bank of England’s Cross‑Market Operational Resilience Group (CMORG) is set to meet senior leaders from the United Kingdom’s eight biggest banks, four financial‑infrastructure firms and two insurers within the next fortnight. The agenda centers on Anthropic’s Claude Mythos Preview, an AI model that the company says can locate and weaponise zero‑day flaws across major operating systems and web browsers.

British regulators are not alone in their concern. The U.S. Treasury, the Federal Reserve and the Bank of Canada have already held emergency sessions after Anthropic’s internal tests revealed the model’s ability to identify thousands of previously unknown vulnerabilities. In Washington, Treasury Secretary Scott Bessent and Fed Chair Jerome Powell met with heads of systemically important banks, including Citigroup’s Jane Fraser and Bank of America’s Brian Moynihan, to gauge the systemic risk.

In the United Kingdom, the briefing will involve the Bank of England, the Financial Conduct Authority, HM Treasury and the National Cyber Security Centre. CMORG’s membership includes CEOs of the nation’s top banks and representatives from the Treasury, FCA and NCSC, giving the discussion a high‑level, cross‑sector perspective.

Anthropic describes Mythos Preview as a “general‑purpose frontier model” with exceptional capabilities in computer‑security tasks. According to the company, the model has already uncovered a 27‑year‑old weakness in OpenBSD and demonstrated a method to breach a web browser that could let a malicious site read data from another site, including a victim’s banking information. The AI can chain multiple steps together, completing a full cyber‑range attack from discovery to exploitation without human intervention.

Project Glasswing, Anthropic’s initiative to mitigate the model’s risks, will give about 40‑50 organizations early, controlled access to Mythos Preview. Partners include Amazon Web Services, Apple, Google, Microsoft, Nvidia, Cisco and JPMorgan Chase. Anthropic has pledged up to $100 million in usage credits and $4 million in donations to open‑source security groups, arguing that defenders need time to patch vulnerabilities before the model—or similar tools from competitors—becomes widely available.

Not everyone accepts Anthropic’s framing. Security technologist Bruce Schneier called the episode “very much a PR play” and warned that reporters were repeating the company’s talking points without critical analysis. He noted that a security firm, Aisle, could replicate some of the discovered vulnerabilities using older, cheaper public models, though he conceded there is a meaningful gap between finding a flaw and weaponising it.

Former head of the U.K. National Cyber Security Centre, Ciaran Martin, offered a more measured view. He said the dramatic reduction in vulnerability‑discovery timelines—from months to hours—poses a challenge but also creates an “opportunity to fix a lot of the internet’s hidden bugs.”

The regulatory response unfolds amid a broader political backdrop. Anthropic is currently in a legal dispute with the U.S. Department of Defense, which labeled the company a supply‑chain risk to national security. President Trump and Defense Secretary Hegseth have publicly criticized Anthropic for its stance on limiting military uses of its AI. Yet the Treasury and the Federal Reserve are treating the firm as a key partner in safeguarding systemic financial infrastructure.

Bank of England Governor Andrew Bailey cited Mythos by name in a recent speech at Columbia University, describing it as a major cybersecurity concern and noting that cyber risk has risen faster than any other category in regulators’ risk rankings. Pip White, Anthropic’s head of UK, Ireland and Northern Europe, said the company plans to make Mythos available to UK financial institutions next week.

As the briefing approaches, UK financial leaders will weigh the dual realities of a powerful new tool that could both expose and protect critical systems. The outcome will shape how regulators and the industry address AI‑driven cyber threats moving forward.

Used: News Factory APP - news discovery and automation - ChatGPT for Business