An AI model called Claude Mythos is now autonomously executing multi-stage cyberattacks across every major operating system.
April 25, 2026
Original Paper
Frontier AI and the Financial Services Threat Model: Implications of Anthropic's Claude Mythos Preview for UK Banks and Building Societies
SSRN · 6640179
The Takeaway
Artificial intelligence has transitioned from helping humans find bugs to launching independent attacks. This model can find vulnerabilities and exploit them without any human intervention. It successfully targeted web browsers and operating systems that were previously thought to be secure. The threat model for global finance has shifted because these attacks are now automated and scalable. Banks and building societies are facing a level of cyber risk that traditional security cannot handle.
From the abstract
Anthropic announced Claude Mythos Preview on 7 April 2026. The company chose not to release the model publicly, citing its demonstrated ability to find and exploit software vulnerabilities autonomously across every major operating system and every major web browser. Access is instead being channelled through Project Glasswing, a restricted partner programme covering roughly 40 to 50 critical-infrastructure operators. Within days of the announcement, the UK AI Security Institute published an inde