The World's Banks Just Got a Cybersecurity Wake-Up Call — From an AI
For the first time in history, an artificial intelligence model has autonomously completed a simulated end-to-end cyberattack on a corporate network — from initial reconnaissance through to full system compromise — without a human driving a single step. The model is Anthropic's Claude Mythos Preview. And now the people responsible for keeping the global financial system standing are scrambling.
Britain's AI Security Institute published its formal evaluation of the model on Monday, and the findings stopped short of reassuring. Mythos succeeded on 73 percent of expert-level "capture the flag" cybersecurity challenges — a threshold no AI model had cleared before April 2025. More alarmingly, it became the first model to complete AISI's "The Last Ones" exercise: a 32-step simulation of a full enterprise network takeover, a workflow that typically takes skilled human professionals around 20 hours to execute. Mythos completed it autonomously on three of its ten attempts.
"AI models have reached a level of coding capability where they can surpass all but the most skilled humans at finding and exploiting software vulnerabilities," Anthropic wrote in a blog post last week. "The fallout — for economies, public safety, and national security — could be severe."
The evaluation came with important caveats. AISI's test environments lacked live defenders, endpoint detection systems, or real-time incident response — meaning the results establish that Mythos can autonomously attack weakly defended systems, not that it can breach hardened enterprise networks. The model also failed AISI's separate "Cooling Tower" operational-technology range. And AISI used a 100-million-token inference compute budget, noting it expects performance to improve beyond that limit. But the Institute was clear that future models will only build on what Mythos demonstrated — and that "investment now in cyber defence is vital."
Among the vulnerabilities the model reportedly surfaced during testing was a 27-year-old weakness in the OpenBSD operating system, a flaw that had gone unnoticed for nearly three decades.
The regulatory response has been swift on both sides of the Atlantic. In the United Kingdom, the Cross Market Operational Resilience Group — known as CMorg — is set to convene within the next fortnight. The group is chaired by the Bank of England's risk chief Duncan Mackinnon and its membership reads like a who's who of British financial oversight: Treasury officials, Financial Conduct Authority leadership, the National Cyber Security Centre, the CEOs of eight of the UK's largest banks, four financial infrastructure providers, and two major insurers. The Bank of England declined to comment on the meeting's agenda.
Across the Atlantic, US Treasury Secretary Scott Bessent last week summoned the chief executives of America's systemically important banks to Washington to discuss the risks posed by Mythos directly. The meeting focused on institutions whose potential disruption could threaten broader financial stability.
Goldman Sachs chief executive David Solomon became the most prominent Wall Street voice to speak publicly about the model on Monday. During an earnings call with analysts, Solomon confirmed that his bank already has access to Mythos and is actively working with Anthropic on defensive measures. "Obviously the LLMs are making rapid progress and we're hyper-aware of the enhanced capabilities of these new models," Solomon said, adding that Goldman is "accelerating" its investment in cyber and infrastructure resilience as a result. "We are very focused on supplementing our cyber and infrastructure resilience. And this is part of our ongoing capabilities that we have been investing in, and are accelerating our investment in."
Access to Mythos Preview remains tightly restricted. Anthropic has distributed a limited version of the model to roughly 40 organisations — including JP Morgan, Google, Nvidia, AWS, Apple, Microsoft, and CrowdStrike — as part of what the company calls Project Glasswing, an effort to give defenders a head start before capabilities of this kind become more widely accessible.
For organisations outside that inner circle, the path to understanding the risk runs through regulators. UK authorities are expected to brief representatives from major British banks, insurers, and exchanges on Mythos' specific threat profile before the end of the month, with ministers separately considering a proposal — put forward by Starling Bank — for a centralised government framework for assessing AI model risks before they reach the financial sector.
AISI's bottom line for security teams is both sobering and practical: the fundamentals still matter. Patching discipline, access controls, hardened configuration, and comprehensive logging remain the baseline. What changes is the attacker's profile — multi-step, days-long reconnaissance campaigns now become feasible without a human directing each move. For boards conducting tabletop cyber exercises this spring, AISI recommends revisiting assumptions built around human-paced operations. The autonomous attacker, it seems, has arrived.










