US Banks Rush to Fix Hundreds of Flaws Exposed by Anthropic's Mythos, Risking More Outages
Updated
Updated · Reuters · May 12
US Banks Rush to Fix Hundreds of Flaws Exposed by Anthropic's Mythos, Risking More Outages
8 articles · Updated · Reuters · May 12
Hundreds to thousands of low- to moderate-risk vulnerabilities flagged by Anthropic's Mythos are pushing U.S. banks to patch systems in days rather than weeks, triggering urgent repairs and software upgrades.
Mythos is proving especially effective at linking smaller weaknesses into high-risk exposures and spotting flaws in proprietary and open-source code, increasing pressure on banks with aging technology and expired software support.
Lenders may need to take systems offline more often to complete fixes, though sources said banks are trying to minimize customer disruption as AI-driven testing becomes a continual process.
A handful of large banks have direct access to Mythos and are sharing findings with smaller peers that lack the tool's computing capacity or cannot absorb its cost—$25 per million input tokens and $125 per million output tokens.
Regulators and cybersecurity experts say the episode shows bank defenses still operate at human speed while AI is finding exploitable weaknesses at machine speed, raising broader risks for a sector built on legacy systems.
As AI creates a new class of cyber 'haves,' are smaller banks now unavoidably vulnerable?
If constant AI-driven cyber threats are the new normal, how can the financial system maintain stability?
The 2026 Mythos AI Shockwave: Banking Sector Vulnerabilities, Project Glasswing, and the Future of Cyber Defense
Overview
In April and May 2026, Anthropic's powerful Claude Mythos Preview AI revealed major weaknesses in banking cybersecurity, marking a turning point for the financial sector. This advanced AI made it much easier and faster to find and exploit vulnerabilities than banks could fix them, raising urgent concerns among institutions and regulators about its potential misuse. Banks were quickly warned and given early access to test their systems, but by mid-May, Mythos had already uncovered many hidden flaws. This rapid exposure forced the industry to rethink its defenses and highlighted the need for new strategies to keep up with AI-driven threats.