European Parliament members warn EU rules are ill-equipped for AI hacking tools
Updated
Updated · POLITICO Europe · May 5
European Parliament members warn EU rules are ill-equipped for AI hacking tools
2 articles · Updated · POLITICO Europe · May 5
In Brussels, 30 MEPs from six political groups wrote to Commission Executive Vice President Henna Virkkunen urging a European mitigation plan.
They said current cybersecurity laws need revising as tools such as Anthropic's Mythos can find and exploit software vulnerabilities better than humans.
Anthropic announced that capability last month, heightening concern among governments and cyber officials and exposing Europe's difficulty accessing cutting-edge AI to assess the risks.
Can Europe regulate a super-hacking AI that its own experts are not even allowed to test?
If AI finds flaws faster than humans can patch them, is the era of cybersecurity as we know it over?
Mythos AI Model Unleashes Zero-Day Cyber Threats: The 2026 Wake-Up Call for Global Security
Overview
In April 2026, Anthropic's Mythos model emerged, revolutionizing cyber threats by autonomously discovering and chaining zero-day vulnerabilities for complex attacks. This alarming capability triggered urgent responses: the U.S. Treasury convened Wall Street leaders, UK regulators prioritized resilience efforts, and the EU criticized its own cybersecurity laws as inadequate. The U.S.-led Project Glasswing granted exclusive Mythos access to select American entities, deepening a transatlantic divide as European agencies like ENISA struggled to gain access for risk assessment. This divide created dangerous security asymmetries within Western alliances. In response, European lawmakers called for a mitigation plan, accelerating Zero Trust adoption and defensive measures, while regulatory efforts faced uncertainty amid stalled AI Act reforms.