
When AI Becomes the Hacker: The Mythos Wake-Up Call and Why CTEM Is the Only Credible Response

Technology May 28 2026

The Moment Everything Changed

In early April 2026, Anthropic did something almost unprecedented in the technology industry. They built an AI model, tested it, and decided it was too dangerous to release to the public.

That model is Claude Mythos.

Anthropic's own red-team researchers, the people whose job is to find problems before the public does, described it as "strikingly capable at computer security tasks." It found thousands of high-severity vulnerabilities across every major operating system and web browser. It identified a critical flaw that had gone undetected for 27 years. It can locate dormant bugs in decades-old code and map precisely how they could be exploited, faster and more comprehensively than any human security researcher.

Anthropic chose not to release it publicly. Instead, they gave controlled access to a small group of major technology companies to use its capabilities defensively, to find and fix vulnerabilities before malicious actors could exploit them.

That decision alone should reframe how every security leader, board member, and regulator thinks about AI and cyber risk. When one of the most safety-conscious companies in the AI industry looks at what it has built and says, "this is too dangerous to release", that is a signal, not a headline.

And Anthropic's own warning makes the stakes explicit: "Given the rate of AI progress, it will not be long before such capabilities proliferate, potentially beyond actors who are committed to deploying them safely."

Mythos will not be the last model with these capabilities. It will be one of the first.

Why Financial Institutions and Critical Infrastructure Are Most Exposed

Every payment processed, every interbank transfer settled, every securities trade cleared, every grid frequency managed, every water treatment cycle monitored runs on software. Software has vulnerabilities. Mythos-class tools find those vulnerabilities faster than any human team, and faster than most organisations' current security programmes can respond.

Finance ministers at a recent IMF meeting discussed Mythos explicitly. Central bankers do not discuss individual AI models at international gatherings unless the threat is real, systemic, and immediate.

The reason for their concern is structural. Financial infrastructure is deeply interconnected. A successful AI-assisted attack on a payment clearing node, a major custodian, or a critical market infrastructure institution does not just harm that institution. It propagates. The same interconnectedness that makes modern financial systems efficient makes them vulnerable to cascading failure when a critical node is compromised.

Critical infrastructure faces a parallel but distinct version of the same problem. Power grids, water systems, and transport networks typically run on operational technology that is years or decades old: software that was built to last, not to withstand AI-assisted probing. The 27-year-old vulnerability Mythos found is not an anomaly. It is a description of the average legacy OT environment.

The Compliance Gap Mythos Exposes

Financial regulators globally have developed robust, substantive cybersecurity frameworks. The EU's Digital Operational Resilience Act, the Bank of England's operational resilience requirements, the US Federal Financial Institutions Examination Council guidelines, and equivalent frameworks from regulators across the Asia-Pacific and the Middle East all reflect a genuine understanding that cyber risk is systemic financial risk.

These frameworks mandate board-level governance, continuous vulnerability management, threat-led penetration testing, rapid incident reporting, often within four to six hours of detection, and evidence of genuine operational resilience rather than mere paper compliance.

They are good frameworks, but they were calibrated against a pre-Mythos threat landscape.

The penetration testing cycles they specify were designed for a world where sophisticated attacks required sophisticated human attackers operating at human speed. The vulnerability assessment cadences they mandate were designed for a world where the race between attacker discovery and defender patching was measured in weeks. Mythos compresses that race to hours, always in favour of the attacker.

Perfect compliance with existing frameworks is necessary, but in the age of Mythos, it is not sufficient. The gap between the compliance floor and genuine resilience is precisely where AI-assisted attackers will operate. Closing that gap is what Continuous Threat Exposure Management is designed to do.

What CTEM Is and Why Mythos Makes It Urgent

Continuous Threat Exposure Management is not a product. It is a programme, a structured, continuous discipline for understanding, prioritising, and reducing real-world threat exposure. Gartner introduced it as a strategic framework because episodic, compliance-driven security was visibly failing to keep pace with the sophistication of adversaries.

Mythos is the clearest illustration yet of why that failure is dangerous.

CTEM operates across five stages, Scoping, Discovery, Prioritisation, Validation, and Mobilisation, that together ensure an organisation identifies its vulnerabilities before attackers do, validates that its defences work, and fixes the right things fast enough to matter.

The critical word in that description is "continuously." Not annually. Not quarterly. Continuously, at the same pace as AI-assisted adversaries operate.

Scoping ensures the organisation has a current, comprehensive picture of its real attack surface, including legacy systems, forgotten integrations, and shadow IT that Mythos-class tools would find first. The 27-year-old vulnerability Mythos identified did not reside in a well-monitored core system. It was in exactly the kind of peripheral, overlooked code that incomplete scoping misses.

Discovery runs automated vulnerability identification across that surface continuously. A quarterly VAPT snapshot leaves an organisation essentially blind for 89 of every 90 days. Under CTEM, the vulnerability picture is never old. The distinction between continuous and periodic discovery is the distinction between manageable risk and unacceptable exposure.

Prioritisation answers the question that matters: which of your vulnerabilities would a Mythos-class attacker find and exploit first in your specific environment, against your critical systems? Not which vulnerabilities score highest on a generic severity scale, but which ones represent the most exploitable path from your perimeter to your most valuable assets. That distinction turns a vulnerability backlog into an actionable remediation programme.

Validation provides evidence, not assumptions, that your defences work against realistic attack scenarios, including AI-assisted ones. The finding by independent security researchers that Mythos is most dangerous to poorly defended systems is a direct challenge to every organisation: which category are you in? Validation answers that question with evidence, not hope.

Mobilisation ensures that validated, prioritised intelligence translates into rapid remediation, fast enough to meet the regulatory reporting windows mandated by major frameworks, and fast enough to close vulnerabilities before an AI-assisted adversary can exploit them after detection.
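The Prioritisation stage above ranks findings by exploitable path to critical assets rather than by generic severity score. The following is an added example, not code from the original post or from any product, that shows the difference on a constructed asset graph. Host names, finding ids, scores and the `10 - severity` effort weighting are all assumptions made for illustration.

```python
import heapq

# Constructed sample inventory: finding id -> (host, generic severity score 0-10).
FINDINGS = {
    "F1": ("hr-portal", 9.8),     # high score, but a dead end in the graph
    "F2": ("vpn-gateway", 6.5),   # internet-facing
    "F3": ("batch-server", 5.9),  # legacy host next to the payment system
    "F4": ("payments-db", 7.2),
    "F5": ("test-vm", 9.1),       # high score, unreachable from the perimeter
}

# Constructed reachability: (source, target, finding that enables the move).
EDGES = [
    ("internet", "vpn-gateway", "F2"),
    ("internet", "hr-portal", "F1"),
    ("vpn-gateway", "batch-server", "F3"),
    ("batch-server", "payments-db", "F4"),
]

def cheapest_path(src, dst):
    """Dijkstra over the reachability graph. Edge cost is 10 - severity,
    an assumed stand-in for attacker effort. Returns finding ids on the path."""
    adj = {}
    for a, b, f in EDGES:
        adj.setdefault(a, []).append((b, f))
    heap, seen = [(0.0, src, [])], set()
    while heap:
        cost, node, used = heapq.heappop(heap)
        if node == dst:
            return used
        if node in seen:
            continue
        seen.add(node)
        for nxt, f in adj.get(node, []):
            heapq.heappush(heap, (cost + 10 - FINDINGS[f][1], nxt, used + [f]))
    return []  # no path: the asset is not reachable from src

def prioritise(perimeter, crown_jewel):
    """Findings on the cheapest perimeter-to-asset path first (in path order),
    then everything else by generic severity."""
    on_path = cheapest_path(perimeter, crown_jewel)
    rest = sorted((f for f in FINDINGS if f not in on_path),
                  key=lambda f: -FINDINGS[f][1])
    return on_path + rest

def by_severity():
    """Baseline ranking: generic severity score only."""
    return sorted(FINDINGS, key=lambda f: -FINDINGS[f][1])

if __name__ == "__main__":
    print("severity order:  ", by_severity())
    print("path-aware order:", prioritise("internet", "payments-db"))
```

In this constructed data the two highest-scoring findings fall to the bottom of the path-aware list because neither leads to the payment database, while the three medium-scoring findings that chain from the perimeter to it move to the top.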

What Mythos Changes About Security Posture

Mythos does not require organisations to rebuild their security programmes from scratch. It requires them to honestly assess whether their current programmes are suited to the threat they now face.

Three questions surface quickly during the assessment.

1. Is your vulnerability picture continuous or periodic? If the honest answer is quarterly or annual, your knowledge of the attack surface is already outdated against an adversary that never stops scanning.

2. Have you validated your defences against AI-assisted attack scenarios? A Red Team exercise or penetration test scoped before Mythos-class capabilities existed tests resilience against yesterday's adversary. Regulators mandating threat-led testing under DORA, CBEST, and equivalent frameworks expect the threat model to reflect current adversary capabilities, and those capabilities now include AI.

3. Can you reliably meet your incident reporting obligations? Regulatory reporting windows start from detection, not from when someone decides an incident is worth reporting. If detection is not continuous, the reporting clock does not start until it is already nearly expired.

The Bottom Line

Mythos is a signal. It signals that AI-assisted offensive cyber capability has crossed a threshold that most current security programmes were not designed to handle. It signals that the gap between compliance and genuine resilience has become dangerously wide. And through Anthropic's own warning, it signals that this capability will proliferate among actors with far less commitment to responsible use.

Financial regulators across every major jurisdiction have built substantive, demanding, and directionally sound frameworks. They mandate the continuous vigilance, evidence-based assurance, and rapid response capability that genuine resilience requires. Compliance with those frameworks is the non-negotiable starting point.

CTEM is what comes after the starting point. It is the operational programme that takes regulatory intent seriously enough to implement it at the speed and scale the threat demands: continuous discovery, intelligent prioritisation, validated defences, and fast remediation, running every day, not just at audit time.

Mythos changed the game. CTEM is how you play it, not just to satisfy your regulator, but to be safe.
