TL;DR
- Anthropic's unreleased Mythos model found decades-old vulnerabilities in critical infrastructure... including a 27-year-old bug in OpenBSD, an OS literally built around security.
- The real concern isn't that it finds bugs. It's that in 72% of test trials, it also successfully built a working exploit for them.
- Treasury Secretary Bessent convened a meeting with Fed Chair Powell and major bank CEOs to get ahead of the rollout.
- Anthropic is gating access to Amazon, Apple, Cisco, JP Morgan, Nvidia, and select open source projects before any public release.
- Yes, this is also great PR ahead of a planned IPO. Both things can be true.
There's a pattern here. OpenAI said GPT-2 was too dangerous to release in 2019 because it might flood the internet with AI-generated propaganda. Anthropic did something similar with Opus. And now Mythos.
Every time, the announcement creates buzz. Every time, there's a slow rollout. Every time, some people roll their eyes.
I get the skepticism. But this time, the technical reason is different enough that it deserves a closer look.
Finding bugs is one thing. Building the exploit is another.
Previous models, including Claude Opus, were already capable of identifying software vulnerabilities. Security researchers knew this. That's not new.
What's new with Mythos is the jump to exploitation.
In testing, Mythos successfully generated a working exploit in 72% of trials. That means it doesn't just flag a vulnerability... it writes the code to take advantage of it. At scale. Without sleeping.
That's a fundamentally different risk profile. A model that says "hey, this door might be unlocked" is a useful auditing tool. A model that says "hey, this door is unlocked, here's how to pick it, here's the entry route, here's what's inside" is a weapon in the wrong hands, and the question is whose hands it reaches first.
The 27-year-old bug it found in OpenBSD is the part that got my attention. OpenBSD is one of the most security-focused operating systems on the planet. Its entire reputation is built on hardening. If Mythos is surfacing previously undetected vulnerabilities in that codebase, then the surface area across less rigorous open source projects is enormous.
Why the banks matter more than you might think
Treasury Secretary Bessent called a meeting with Fed Chair Powell and the CEOs of the major banks before this thing sees any broader rollout. Some people read that as government overreach. I read it as the right call.
Financial infrastructure doesn't just hold money. It holds identity data, transaction history, authentication keys, everything tied to how people move through the modern economy. A working exploit against the wrong banking system isn't a data breach... it's a cascade.
The meeting was probably a heads-up: your systems need to be patched before this goes wider. That's not censorship. That's sequencing.
The banks are also probably the fastest path to getting the most-used open source libraries patched. A major bank that depends on a C# library or a Python package has the resources and the incentive to push for access and get those vulnerabilities fixed upstream. That patch flows downstream to everyone who builds on the same stack.
That's actually how this should work: biggest attack surface, most resources to respond, goes first.
The open source piece is what I'm watching most closely
Open source is running the internet. Not "a lot of the internet." The internet. WordPress, Node.js, Python, OpenSSL... almost everything your business touches is either open source directly or built on something that is.
These projects are maintained by small teams. Often volunteers. They don't have enterprise security budgets. And if Mythos can find vulnerabilities in OpenBSD, it can definitely find them in a 10-year-old npm package that 200,000 projects depend on.
Anthropic reportedly is giving access to major open source maintainers, not just enterprise partners. That's the part of the rollout I'd want more details on, because getting those patches in before public release is the thing that actually protects small businesses and independent developers. You aren't going to buy a Mythos enterprise license. But you are using software that will hopefully have been hardened by the time this is in wider circulation.
If you want to get a sense of where your own tech stack stands from an AI readiness perspective, the AI tools checklist at Infacto is a good starting point for making sure you're set up on the basics before any of this becomes your problem to manage.
Is this marketing? Sure. Is it also real? Yes.
Anthropic is planning to IPO. The timing of this announcement is convenient. The press cycle is undeniable.
But "this is good PR" and "this is a legitimate safety concern" are not mutually exclusive. In fact, the reason it's good PR is because the concern is believable. If they'd made this same announcement about a model that just writes better marketing emails, nobody would care.
What makes this credible is the specificity: named companies, a specific decades-old vulnerability in OpenBSD, an actual meeting with government officials, and a technical explanation (the 72% exploit success rate) that is materially different from what earlier models could do.
Anthropic also has more to lose if they get this wrong. If they release Mythos publicly and a major exploit gets traced back to someone using their model, the reputational damage ahead of an IPO would be catastrophic. The incentives line up with the caution.
What actually happens if this goes right
If the rollout works the way it should:
- Banks patch their most critical vulnerabilities before Mythos is widely available
- Major open source maintainers run their codebases through the model and fix what gets flagged
- The patches flow downstream to the businesses and developers depending on those libraries
- By the time Mythos is public, a significant portion of the obvious targets have been hardened
If even 60-70% of the critical infrastructure gets patched in that window... that's a genuinely good outcome. It's not perfect. But it's better than releasing it cold and watching who moves faster, attackers or defenders.
The historical pattern in security is always: someone finds a vulnerability, someone fixes it. Mythos accelerates both sides of that equation. The question is just whether the defenders get a head start.
What this means for small business owners
Most small businesses aren't going to interact with Mythos directly. But you are running software, probably open source software, probably hosted on infrastructure that sits on top of more open source software. If this rollout goes well, the stack under your business gets more secure without you having to find or fix anything yourself. The one thing you still have to do is pull in the updates: an upstream fix protects nobody who is still running the old version.
What you can do right now: know what you're running. That means an actual inventory of the packages and versions your applications depend on, pulled from the lockfiles your developers already have, not a guess from memory. Check which dependencies are pinned to exact versions and which will silently pick up whatever is newest at install time. Ask about dependency management and update cycles. If you're relying on a third party for your tech stack, ask them how they stay current on security patches.
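As an added example (not code from the original post), here is what "know what you're running" looks like in practice: a small Python script that builds a dependency inventory from a pip requirements file and an npm package-lock.json, then flags two things a patch-driven rollout depends on: dependencies that aren't pinned to an exact version, and entries with no hash or integrity field, which means the installer can't verify what it downloads. The lockfile formats are real; the two sample files, the package names, versions, and hashes in them are constructed for the example and not taken from any real project.

```python
"""Dependency inventory from lockfiles (illustrative, runs offline).

The two sample inputs below are constructed for this example. The formats
(pip requirements.txt and npm lockfileVersion 3) are real; the package
names, versions and hashes are made up.
"""
import json
import re
from dataclasses import dataclass

# Constructed sample: a pip requirements file with mixed pinning.
SAMPLE_REQUIREMENTS = """\
# web stack
flask==2.3.2
requests>=2.20
# no version at all: resolves to whatever is newest at install time
pyyaml
cryptography==41.0.3 --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
"""

# Constructed sample: an npm lockfile (lockfileVersion 3 layout).
SAMPLE_PACKAGE_LOCK = json.dumps({
    "name": "example-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"express": "^4.18.0", "lodash": "4.17.21"}},
        "node_modules/express": {
            "version": "4.18.2",
            "resolved": "https://registry.npmjs.org/express/-/express-4.18.2.tgz",
            "integrity": "sha512-AAAA",
        },
        "node_modules/lodash": {
            "version": "4.17.21",
            "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
            # integrity deliberately missing: npm cannot verify this tarball
        },
        "node_modules/left-pad": {
            "version": "1.3.0",
            "resolved": "git+ssh://git@github.com/example/left-pad.git#abc123",
            # git dependency: no registry, no integrity field
        },
    },
})


@dataclass
class Dep:
    ecosystem: str
    name: str
    version: str      # exact version if pinned, otherwise the loose spec or "*"
    pinned: bool      # is an exact version recorded?
    verifiable: bool  # is a hash/integrity present so the installer can check it?


# name, optional comparison operator, optional version; stops at spaces, ';' markers, '#' comments
REQ_LINE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*(==|>=|<=|~=|!=|>|<)?\s*([^\s;#]*)")


def parse_requirements(text: str) -> list[Dep]:
    deps = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.startswith("-"):
            continue  # blank lines, comments, pip options such as -r or --index-url
        m = REQ_LINE.match(line)
        if not m:
            continue
        name, op, ver = m.group(1).lower(), m.group(2), m.group(3)
        pinned = op == "=="
        spec = ver if pinned else (f"{op}{ver}" if op else "*")
        deps.append(Dep("pypi", name, spec, pinned, "--hash=" in line))
    return deps


def parse_package_lock(text: str) -> list[Dep]:
    lock = json.loads(text)
    deps = []
    for path, entry in lock.get("packages", {}).items():
        if path == "":
            continue  # the root project itself, not a dependency
        name = path.rsplit("node_modules/", 1)[-1]  # handles nested and @scoped paths
        deps.append(Dep("npm", name, entry.get("version", "*"),
                        "version" in entry, "integrity" in entry))
    return deps


def findings(deps: list[Dep]) -> list[str]:
    out = []
    for d in deps:
        if not d.pinned:
            out.append(f"{d.ecosystem}:{d.name} is not pinned (spec '{d.version}')")
        if not d.verifiable:
            out.append(f"{d.ecosystem}:{d.name} has no hash/integrity; the install cannot be verified")
    return out


def inventory() -> tuple[list[Dep], list[str]]:
    deps = parse_requirements(SAMPLE_REQUIREMENTS) + parse_package_lock(SAMPLE_PACKAGE_LOCK)
    return deps, findings(deps)


if __name__ == "__main__":
    deps, issues = inventory()
    for d in deps:
        print(f"{d.ecosystem:5} {d.name:14} {d.version:10} pinned={d.pinned} verifiable={d.verifiable}")
    print("\n".join(issues))
```

Run it against the constructed samples and it reports two unpinned Python packages and five entries with nothing to verify against. Swapping in your own requirements.txt and package-lock.json gives you the list to hand to whoever manages your stack, and "how quickly do these versions move when an upstream fix lands" is the follow-up question.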
The bigger AI tools story isn't just about what AI can do for your marketing or your operations. It's about the security baseline of the software world you're building on. That baseline is about to get a lot of attention.
The real millionaires in a gold rush sell the pickaxes
One more thing worth noting from this conversation: while Anthropic gets the headlines, the companies actually getting paid regardless of which AI wins are the ones selling the compute.
Nvidia is currently the most valuable company on the planet by some measures. The better Mythos does, the more inference runs, the more chips get sold. That dynamic doesn't change whether Anthropic goes public at a high valuation or a low one.
The AI model war is a content play. The chip and data center infrastructure underneath it is a different kind of bet.
The gated rollout is the right call
Not because Anthropic is uniquely wise. Not because government involvement is always good. But because the math on this one is straightforward: the number of people who would use Mythos to attack software vastly outnumbers the people maintaining the specific open source projects that need patching.
A model that never sleeps, never gets distracted, and can build a working exploit 72% of the time is a different category of tool. Getting it to the banks and the open source maintainers first, before it's in the hands of everyone... that's just sequencing the defense before the offense.
We'll see how the rollout actually goes. But the logic holds.