Key Takeaways
Why Anthropic’s Mythos Is Sparking Alarm

- Bank of America and other Wall Street firms are using Anthropic's Mythos AI to test internal network vulnerabilities
- Jamie Dimon compared giving broad access to Mythos to 'giving ballistic missiles to individuals'
- The U.S. Department of Commerce previously enacted export controls on Anthropic's AI models over national security concerns
Bank of America CEO Brian Moynihan is sounding the alarm on Anthropic's Mythos AI system, joining a growing chorus of Wall Street executives who say the vulnerability-hunting model could become a weapon if released to the public. The warning adds weight to concerns that advanced AI tools designed to find security flaws might create more problems than they solve.
Anthropic unveiled Mythos earlier this year with a specific purpose: finding vulnerabilities in digital infrastructure. That capability caught the attention of major financial institutions. Bank of America now sits among a select group of Wall Street firms granted access to the platform, using it to probe their own internal networks and share security intelligence with industry peers.
The model remains unavailable to the general public. After hearing the warnings from Moynihan and others, that restriction makes sense.
What did Moynihan and Dimon actually say?
In a Bloomberg Television interview broadcast Thursday, Moynihan described the operational burden these AI tools place on financial institutions. "It is a big change in the amount of work that will have to go on and the pace [at] which these tools will affect vulnerabilities in your systems, and how fast you have to take care of that," he said. "We are all working hard on it."
Moynihan also flagged concerns about the bank's vendor relationships. "We are making sure the third parties are doing the work and working cooperatively with the team," he added. Translation: if your partners have security gaps, a tool like Mythos will find them faster than ever.
JPMorgan Chase CEO Jamie Dimon offered a more colorful assessment earlier this week. He warned that granting broad access to Mythos would be equivalent to "giving ballistic missiles to individuals." The analogy is blunt, but the logic holds: a tool that excels at finding weaknesses in systems could devastate those systems in the wrong hands.
Export controls and the Fable 5 jailbreak
The Wall Street warnings follow recent regulatory action against Anthropic's technology. On July 1, the U.S. Department of Commerce enacted export controls and disabled access to both Mythos 5 and Fable 5 AI models. The directive cited "national security authorities" and flagged a potential method for bypassing Fable 5's internal safeguards.
The Fable 5 jailbreak concern differs from the Wall Street worries about Mythos. The former involves breaking down a model's internal guardrails. The latter involves a model that's working exactly as designed, just with capabilities that become dangerous if widely distributed.
The federal government has since lifted the restrictions after Anthropic worked with agencies to address cybersecurity concerns. Anthropic announced it restored access to Mythos 5 for a set of U.S. organizations and will continue collaborating with the government through its Glasswing cybersecurity initiative to provide secure access to domestic and foreign partners.
The dual-use problem in AI security tools
Mythos presents a textbook dual-use dilemma. The same capability that makes it valuable to banks also makes it dangerous in adversarial hands. Vulnerability discovery is a defensive activity when Bank of America does it to its own systems. It becomes offensive when someone uses it to find holes in systems they don't own.
Financial institutions have long employed penetration testing and red teams to find security weaknesses. But those efforts require skilled humans, take time, and cost money. An AI that automates vulnerability discovery at scale changes the economics entirely. The pace Moynihan referenced in his interview is the core issue: defenders must now fix vulnerabilities faster because attackers can find them faster.
What happens next?
The current arrangement, with Mythos restricted to vetted financial institutions and government partners, appears to be holding. But the pressure to expand access will grow. Security researchers outside major banks want these tools. Smaller financial institutions lack the resources to build equivalent capabilities in-house.
Anthropic's Glasswing initiative suggests the company is trying to thread the needle: providing access to legitimate security researchers while keeping the model out of malicious hands. Whether that access model survives contact with economic incentives remains to be seen.
Logicity's Take
The real story here isn't that Wall Street executives are worried. It's that they're worried publicly. Financial institutions typically downplay security concerns to avoid spooking customers and regulators. When Dimon compares an AI tool to ballistic missiles on the record, he's signaling that the threat merits breaking that silence. For fintech teams building on third-party infrastructure, the message is clear: your vendors' security posture now matters more than ever, and AI-powered vulnerability discovery is about to make every weakness easier to find. Start asking vendors about their AI-assisted security testing before attackers do.
Frequently Asked Questions
What is Anthropic's Mythos AI?
Mythos is an AI system from Anthropic designed to discover vulnerabilities in digital infrastructure. It's currently available only to select Wall Street firms and U.S. government partners, not the general public.
Why are Wall Street executives concerned about Mythos?
The model excels at finding security weaknesses in systems. While useful for defensive purposes, that same capability could be weaponized if broadly released, allowing attackers to discover vulnerabilities at unprecedented speed.
What is the difference between the Mythos and Fable 5 security concerns?
The Fable 5 concern involved jailbreaking, or bypassing the model's internal safeguards. The Mythos concern is about the model's intended functionality: finding vulnerabilities in external systems, which becomes dangerous if misused.
What is Anthropic's Glasswing initiative?
Glasswing is Anthropic's cybersecurity program for providing secure access to its AI models for domestic and foreign partners working on security research with government cooperation.
Explores the limitations and risks of AI tools in technical applications
Need Help Implementing This?
If your fintech team needs to assess AI security tools or build a vendor security evaluation process, reach out to Logicity for guidance on navigating the evolving landscape of AI-powered cybersecurity.
Source: PYMNTS | / PYMNTS
Huma Shazia
Senior AI & Tech Writer
Produced with AI assistance and reviewed by the Logicity editorial team. Learn more in our Editorial Policy.






