Finance Minister Sitharaman warns of risks to India's banking sector as Anthropic's unreleased AI model discovers tens of thousands of software flaws across every major operating system.
India’s government is stress-testing its financial and government software against what might be the most capable vulnerability-hunting AI ever built. Anthropic’s Claude Mythos, a model so potent it remains locked behind controlled access, has prompted an urgent cybersecurity response from New Delhi that includes unscheduled meetings between top officials and banking executives.
What Mythos actually does, and why India is worried #
During internal testing, the model uncovered serious flaws in every major operating system and web browser. Not a few. Not a handful. Tens of thousands of vulnerabilities, compared to roughly 500 detected by its predecessor, Opus 4.6.
On a Firefox-specific benchmark designed to measure autonomous exploit development, Mythos successfully executed 181 times. The Opus model? Nearly zero.
These capabilities are precisely why Anthropic hasn’t released Mythos publicly. The model’s offensive cybersecurity potential, its ability to not just find but autonomously develop exploits, makes it the kind of tool that governments treat less like software and more like a weapons system.
India’s Finance Minister Nirmala Sitharaman has flagged significant risks to the country’s banking sector specifically.
India’s coordinated response #
The Indian government’s cyber defense mobilization began in late April to early May 2026. The Reserve Bank of India and other critical infrastructure protection agencies are now coordinating with finance ministry officials in what amounts to an emergency audit of digital defenses.
Unscheduled meetings between government officials and banking executives signal the severity of the assessment.
India is also reportedly seeking access to Mythos for domestic enterprises. Currently, testing access is limited to around 40 US companies, a list that includes Microsoft and JPMorgan Chase.
No crypto angle, but massive implications for digital finance #
The Indian government’s Mythos testing is focused squarely on traditional financial and government software. No DeFi protocols, no smart contract audits, no token infrastructure.
If a single AI model can autonomously discover and exploit vulnerabilities across every major operating system, the entire threat landscape shifts. The vulnerabilities Mythos identifies in traditional software don’t respect the boundary between TradFi and crypto. India’s push for access to Mythos reflects a growing global conversation about equitable distribution of frontier AI capabilities. If cybersecurity-critical tools remain concentrated among a few dozen American firms, expect governments from New Delhi to Brussels to start treating AI access as a matter of national security, not just corporate procurement.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our