Brian Moynihan joins growing chorus of Wall Street leaders alarmed by an AI model that can autonomously discover and exploit software vulnerabilities
Bank of America CEO Brian Moynihan wants you to know that the banking industry is taking Anthropic’s Mythos AI very seriously. Speaking on Bloomberg Surveillance on July 16, Moynihan flagged the model’s capabilities as a legitimate threat to the financial system, joining a growing list of Wall Street executives who have gone from cautiously optimistic about AI to genuinely worried about what it can do when pointed at software.
The concern isn’t theoretical. Mythos, which Anthropic unveiled on April 7 in a limited form, demonstrated 181 successful autonomous software exploits during testing. That’s not a typo. An AI model, on its own, found and exploited 181 distinct software vulnerabilities. For context, earlier Anthropic models couldn’t come close to that number.
What Mythos actually does, and why bankers are losing sleep #
Mythos doesn’t just find bugs in code. It autonomously discovers vulnerabilities and then exploits them, essentially doing the work of an elite hacking team without human guidance.
Anthropic recognized the risk profile immediately. The company has withheld any public release of the model. Access is currently restricted to vetted partners through something called Project Glasswing, a collaborative defensive initiative involving major players in technology and finance. Anthropic is working with its partners to develop defensive measures against the very capabilities Mythos introduced.
Moynihan’s comments during the Bloomberg interview were measured but unmistakable in their gravity.
“You should rest assured we’re all working hard on it. You should rest assured it’s a serious issue.”
Regulators are already mobilizing #
Back in April, shortly after Mythos was unveiled, US financial regulators convened an urgent meeting with CEOs from major banks. Federal Reserve Chair Jerome Powell and Treasury Secretary Scott Bessent both participated. The meeting reportedly focused on the immediate cybersecurity risks the model poses.
Why crypto and DeFi should be paying attention #
Reporting from CoinDesk has indicated that Mythos’s implications extend directly into the decentralized finance space. The areas of specific concern include key management systems, cross-chain bridges, oracles, and cryptographic libraries.
Bridges alone have been responsible for some of the largest hacks in crypto history. Those exploits were found by human hackers, sometimes working in teams, sometimes spending weeks or months identifying a single vulnerability. An AI model capable of autonomously executing 181 exploits during testing could compress that timeline from months to minutes.
Oracles, the systems that feed real-world data to smart contracts, represent another critical attack surface. If an AI can find exploitable flaws in oracle implementations, the cascading effects on DeFi protocols that rely on accurate price feeds could be catastrophic.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our