When a new AI model can find vulnerabilities that have been sitting in bank code for decades, the Treasury Secretary doesn't send an email.
The Summary
- Treasury Secretary Bessent and Fed Chair Powell called an urgent meeting with US bank CEOs to discuss cybersecurity risks from Anthropic's latest AI system, Mythos
- Mythos can rapidly identify software flaws and craft sophisticated exploits, raising fears of systemic banking risks
- The AI has already detected decades-old vulnerabilities that existing security tools missed
- This marks the first time AI capability advancement triggered executive-level emergency coordination across banking regulators
The Signal
The fourth web isn't just about agents that automate your calendar. It's about agents that can see through the walls you built to keep the last generation of threats out. Anthropic's Mythos model represents a phase shift: AI that doesn't just find known vulnerabilities faster, but discovers novel attack vectors by reasoning about code the way an elite security researcher would, except it never sleeps and works at machine speed.
The model's ability to spot decades-old flaws means legacy banking infrastructure, built when software security meant "don't write the password on a sticky note," is suddenly exposed. Every major bank runs on layers of code written in the 1990s and early 2000s. Patched, updated, wrapped in newer systems, but still there. Core transaction processing, settlement systems, the deep plumbing that moves trillions daily. Mythos can apparently read that code, understand it, and identify exploitable weaknesses that human auditors and traditional scanning tools walked past for years.
The timing matters. We're three months into a year where crypto-based settlement systems are gaining serious institutional traction, partly because newer blockchain infrastructure doesn't carry the same legacy burden. When AI can weaponize old code but struggles less with transparent, auditable smart contracts, the competitive dynamics shift fast. TradFi's moat was stability and trust. If an AI can crack that stability faster than banks can patch it, trust evaporates.
This isn't a hypothetical research paper. When both the Treasury and the Fed convene bank CEOs on short notice, it means someone ran a demonstration that scared the right people. The banking system just learned it's playing a different game now.
The Implication
If you're building in Web3, this is your opening. Legacy finance just discovered its infrastructure has an expiration date measured in AI capability, not calendar years. Smart contract platforms with formal verification and transparent code suddenly look less like ideological experiments and more like defensive necessity. If you're working in traditional finance, start asking hard questions about what percentage of your core systems could survive scrutiny from an AI that thinks like a nation-state hacker. The answer will determine whether you're still relevant in 2028.
Sources: Financial Times Tech | CoinDesk