The European Central Bank is about to tell every major bank in Europe the same thing the Federal Reserve, the Treasury Department, and the Bank of England already told theirs: Anthropic built something that could break your systems, and you need to prepare for it.

Reuters reported today that ECB supervisors are set to warn bankers about the cybersecurity risks posed by Anthropic's Mythos model, which the company and security researchers say could supercharge complex cyberattacks against financial infrastructure. That makes the ECB the fourth major financial regulator in a single week to sound the alarm on a single AI model.

Let that sink in. One AI company. One model. Four central banks. In seven days.

The domino effect nobody predicted

The timeline tells the story. Last Wednesday, Treasury Secretary Scott Bessent and Fed Chair Jerome Powell summoned the CEOs of America's largest banks to an emergency meeting about Mythos. Then the Bank of England's Andrew Bailey publicly flagged "major cybersecurity risks" from the model. Canada's central bank called an emergency meeting. And now the ECB is following suit.

JPMorgan CEO Jamie Dimon addressed Mythos directly on his earnings call yesterday. "AI's made it worse, it's made it harder," he said. "It does create additional vulnerabilities, and maybe down the road, better ways to strengthen yourself too." He confirmed JPMorgan is testing the Mythos preview through Anthropic's Project Glasswing program.

Goldman Sachs CEO David Solomon said Monday that his bank was also testing Mythos, though he declined to say more.

Why banking is uniquely exposed

The banking industry runs on legacy technology. Decades-old COBOL systems. Patchwork integrations between platforms built in different eras. Regulatory compliance layers stacked on top of each other like geological sediment. This is exactly the kind of complex, interconnected infrastructure that an AI-powered hacking tool would eat for breakfast.

Dimon himself acknowledged this: "That doesn't mean everything that banks rely on is that well protected. Banks are attached to exchanges and all these other things that create other layers of risk."

JPMorgan CFO Jeremy Barnum put it bluntly on the earnings call: "These tools can make it easier to find vulnerabilities, but then also potentially be deployed by bad actors in attack mode."

The Anthropic paradox deepens

Here is the part that should make everyone uncomfortable. Anthropic positioned itself as the "safety company." It chose not to release Mythos publicly because it said the risks were too great. It created Project Glasswing to let select partners test the model in a controlled environment. It did everything the AI safety playbook says you should do.

And the result? Four central banks panicking in one week. The biggest banks on Earth scrambling to test what their attackers might soon have access to. Every financial regulator on the planet asking the same question: what happens when this technology leaks?

Because Mythos did not leak. Anthropic is controlling access. And the financial system is still terrified. Now imagine what happens when the next lab builds something equivalent and is not as careful.

What happens next

OpenAI already announced its own cybersecurity model, GPT-5.4-Cyber, last week in what looked like a direct response. The race is on: whoever controls the best offensive AI also controls the best defensive AI. Banks are lining up on both sides.

But the ECB warning reveals something bigger than one model or one company. AI has created a new class of systemic financial risk. Not a market bubble. Not a liquidity crisis. A technology that could simultaneously find and exploit vulnerabilities across every interconnected financial system on the planet.

Four central banks figured that out in a single week. The question now is whether the industry can patch faster than the models can probe.