Anthropic plans to make its Claude Mythos Preview model available to UK financial institutions within the next week, Bloomberg has reported — a move that comes as regulators in Britain, the United States, and Germany scramble to assess the cybersecurity implications of what the company describes as its most capable AI model to date.
Pip White, Anthropic’s head of UK, Ireland, and Northern Europe, said in an interview that engagement with chief executives in the UK had been significant. “Customers first want to say that they appreciate our very thoughtful approach to the way in which we have released Mythos,” she said. “But secondly, they want to understand the opportunity to be considered to gain access to the model in a controlled way.”
The announcement follows a series of high-level regulatory responses on both sides of the Atlantic. In Washington, US Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened the heads of systemically important American banks — including the chief executives of Citigroup, Bank of America, Morgan Stanley, Wells Fargo, and Goldman Sachs — to discuss the model’s implications. In the UK, the Bank of England’s Cross Market Operational Resilience Group is preparing to brief major banks, insurers, and exchanges, alongside officials from the Financial Conduct Authority, HM Treasury, and the National Cyber Security Centre. Reuters has also reported that German banks and European Central Bank supervisors are examining the risks posed by the model.
Claude Mythos Preview is Anthropic’s most advanced frontier model to date. According to the company’s own disclosures, it is capable of autonomously identifying and exploiting zero-day vulnerabilities across every major operating system and web browser. During testing, the model uncovered a 27-year-old flaw in OpenBSD, one of the most security-hardened operating systems in widespread use. Anthropic has said these capabilities emerge from broader advances in reasoning and coding, rather than being specifically trained for offensive security purposes.
Given these capabilities, Anthropic has declined to release the model publicly. Instead, access is being granted through Project Glasswing, a controlled initiative designed to deploy the model in defensive cybersecurity contexts. Approximately 40 to 50 organisations have been given early access, with named partners including Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia, and Palo Alto Networks. Anthropic has committed up to $100 million in Mythos usage credits across the initiative, alongside $4 million in direct donations to open-source security organisations.
The company says Project Glasswing is intended to strengthen the resilience of global digital infrastructure by enabling partners to discover and remediate vulnerabilities before such capabilities become more widely accessible — positioning Mythos simultaneously as a potential risk factor and a tool for pre-emptive defence.
The dual-use nature of the model has not been lost on regulators. A model capable of scanning thousands of systems simultaneously, without fatigue, represents a qualitatively different threat profile from conventional penetration testing tools. UK financial infrastructure, which runs on legacy code carrying decades of accumulated technical debt, is considered a particularly sensitive area of exposure.
Also Read: CoreWeave Signs Multi-Year Cloud Deal With Anthropic
