Europe’s finance chiefs want Mythos access to defend their banks. Washington has so far said no.

May 4, 2026 164news66 Clock

Why the EU is now demanding access to Anthropic's Mythos

Skip to content

Toggle Navigation

News

  • Events
    • TNW Conference
      • June 19 & 20, 2025
  • Spaces
  • Programs
    • Newsletters
    • Partner with us
    • Jobs
    • Contact

Europe’s finance chiefs want Mythos access to defend their banks. Washington has so far said no.

May 4, 2026 - 3:12 pm

An Anthropic AI model that can find zero-days in every major operating system has become a geopolitical and prudential question. The Eurogroup met in Brussels on Monday with no answer in hand.

Brussels on a Monday morning in early May is not, by tradition, the place where the world’s most powerful AI model gets discussed. The Eurogroup meets in a handsome but functional room. Finance ministers exchange position papers. The agenda runs heavily to operational resilience, banking-union arcana, and the precise wording of Council conclusions. It is not, on most occasions, where headlines are made.

On 4 May, the room was talking about something else. Bloomberg confirmed that euro-area finance ministers had convened to discuss Anthropic’s Mythos AI model and what to do about the fact that no European government currently has access to it. The model, unveiled by Anthropic on 7 April, can identify and, in principle, exploit zero-day vulnerabilities in every major operating system and web browser.

The White House has spent the last several weeks blocking Anthropic’s proposal to expand access to roughly 70 additional organisations.

Europe’s banking regulators, in the meantime, have been doing the maths on what that gap means for the financial system.

Anthropic’s own description of the system, set out in the Project Glasswing announcement on 7 April, does not understate the case:

Mythos Preview is a frontier model whose coding capability has crossed a threshold: it can find software vulnerabilities at a rate and at a depth that surpasses all but the most skilled human researchers.  Thousands of high-severity vulnerabilities were found in days, including a 27-year-old bug in OpenBSD, a 16-year-old remote-code-execution flaw in FreeBSD, and 271 separate Firefox vulnerabilities patched by Mozilla after a single evaluation pass.

What that means for defenders, in the analysis of the cryptography researcher Bruce Schneier and others writing on the model’s strategic significance, is unambiguous. A model with this capability, used offensively, gives an attacker a structural advantage that defenders cannot match without comparable access. The corollary is that defenders without comparable access are now meaningfully behind. That is the calculation Europe’s banking supervisors have been running.

The Bundesbank moved first. In late April, Germany’s central bank publicly called on the EU to demand access to Mythos, arguing that without it European banks could not realistically test their own infrastructure against threats that an adversary with the model would be capable of mounting.

The European Central Bank, meanwhile, convened calls with chief risk officers at eurozone lenders and began collecting information on how banks are preparing for AI-powered cyberattacks. Christine Lagarde, the ECB’s president, characterised Anthropic as a responsible operator while warning that the model in the wrong hands "could be really bad."

Switzerland’s regulator went further...