Anthropic to brief Financial Stability Board on Claude Mythos cyber findings

Mythos is Anthropic's specialized model tuned for unknown-vulnerability discovery. Access has been limited to a vetted list including Apple and JP Morgan; the new FSB briefing puts Mythos on the radar of global financial regulators — an unusual step for a private model. Anthropic is effectively volunteering for oversight before it's mandated, which gives it influence over how 'dual-use frontier models' get governed.
Mechanically, the policy shift lets Mythos users coordinate disclosure with affected vendors, addressing the most-cited criticism of the original lockdown (researchers were finding bugs they couldn't responsibly report). A separate Claude Code RCE flaw via malicious deeplinks — startsWith anti-pattern on raw process.argv — was patched in 2.1.118; CyberSecurityNews has the writeup.
Competitive context: Mistral is pitching European banks on a sovereign cyber AI as a Mythos alternative for regulators uneasy about US-only frontier access. OpenAI countered the same day with Daybreak, a GPT-5.5-based cyber initiative including a permissive 'GPT-5.5-Cyber' tier for red-team work. The cybersecurity arms race between frontier labs is now an explicit market.
Skeptical take, well-articulated by CyberScoop and echoed by Linus Torvalds (Linux security mailing list 'almost unmanageable' from AI-generated CVE noise, HN 198 pts): more AI bug-finders = more low-signal disclosures drowning maintainers. The FSB briefing matters most if regulators come away with realistic expectations rather than narrative hype.