German regulators are treating Anthropic’s new AI model, “Claude Mythos,” less like a Silicon Valley product launch and more like a potential national security problem, especially for banks.
The concern: Mythos is being touted as capable of spotting software vulnerabilities that seasoned security teams and automated scanners have missed for years. If that’s true, it could help defenders slam doors shut faster, or hand attackers a way to find new doors to kick in, at machine speed.
Complicating matters for Europe, many officials are debating the risks without being able to independently test the model. Germany is moving anyway, warning that when the threat changes, slow-moving bureaucracy becomes a vulnerability of its own.
Germany’s bank watchdog is already sounding the alarm
The most concrete reaction is coming from Germany’s financial sector and BaFin, the country’s powerful banking supervisor, roughly the German equivalent of a mash-up between U.S. banking regulators like the OCC and the Federal Reserve’s supervisory arm.
BaFin and bank security leaders are focused on a blunt operational reality: if an AI can discover exploitable flaws faster than institutions can patch them, the “window of risk” widens. One bank security executive told trade press that if AI-driven discovery outpaces patching, exposure grows, even if the bank is doing everything “right” by traditional standards.
BaFin is urging institutions to prepare for a near-term surge in vulnerabilities that need fixing. For banks, patching isn’t a quick click. Updates can require testing, validation, regulatory sign-off, and coordination with third-party vendors, exactly the kind of slow, careful process that doesn’t mix well with rapid-fire vulnerability discovery.
There’s a twist: the same tool could strengthen defenses if used under tight controls by trusted security teams. But German officials are looking at the symmetry problem: if capable criminal groups get comparable tools, the risk isn’t just to individual firms. It becomes systemic, threatening online banking and critical digital services at scale.
Germany’s cyber agency calls it a “paradigm shift,” without direct access
Claudia Plattner, who leads Germany’s Federal Office for Information Security (BSI), the country’s top federal cybersecurity agency, has described the moment as a “paradigm shift” in the threat landscape.
What’s striking is what Germany doesn’t have: direct access to Mythos. According to the reporting summarized in the French article, BSI has held discussions with Anthropic, including meetings in the United States, but has not been able to run hands-on technical evaluations itself. That leaves a major European cyber power trying to assess a high-stakes capability partly at arm’s length.
Even so, German officials say they’re taking the claims seriously and preparing for disruption in how vulnerabilities are found, disclosed, and fixed. If AI accelerates discovery, especially in older code, open-source libraries, and widely used network components, then patch management cycles, audits, and “responsible disclosure” norms may need to evolve fast.
In the best-case scenario, software makers use the model to uncover long-buried bugs and ship fixes. In the worst-case scenario, those same “historical” vulnerabilities are sitting inside hospitals, power systems, transportation networks, and other critical infrastructure where updates can be slow, risky, or sometimes practically impossible.
Plattner has also raised the question regulators everywhere are circling: do “extraordinarily powerful” tools eventually end up broadly available? If they do, cybersecurity stops being a niche contest of elite talent and becomes an arms race where advanced capability is cheap, replicable software.
Anthropic is keeping Mythos behind a tight gate: Project Glasswing
Anthropic has opted for controlled distribution. Mythos isn’t broadly available; it’s limited to a small partner group under a program called Project Glasswing.
Anthropic has pointed to Apple, Microsoft, and Cisco among the participants, along with roughly 40 organizations that “build or maintain critical software infrastructure.” Some experts see that as a responsible move to limit proliferation while monitoring real-world use.
But the same restriction puts European regulators in an awkward spot: they’re expected to assess and manage risk without the ability to independently verify what the model can do. In a geopolitical environment where governments already distrust one another, and don’t love relying on a foreign private company for insight into a major threat, that’s a recipe for political friction.
Anthropic, which does most of its business selling to companies, has been expanding its European footprint with offices in Dublin, London, Paris, and Munich. That signals it wants to work with Europe. But “we’re investing here” is not the same as “we’ll provide controlled access to a sensitive model,” and that gap is quickly turning into a policy fight.
Europe’s top regulator is debating a model it can’t test
The European Commission, the EU’s executive branch and the engine behind major tech rules, has met with Anthropic multiple times since Mythos was announced, but still hasn’t secured access to the model, according to the French report. The sticking point is how to share it safely and under what conditions.
That matters because the EU often positions itself as the world’s toughest digital regulator. But regulating a system you can’t test is hard, even with the best lawyers and the most detailed rulebooks.
In Brussels, the debate is increasingly framed around “systemic risk,” a concept embedded in the EU’s sweeping AI Act, Europe’s law designed to set guardrails for high-risk AI systems. A model that could materially affect critical sectors like finance and infrastructure fits squarely into that conversation. But to classify and constrain it, regulators need technical evidence, scenarios, metrics, and verification, not just briefings.
The French article also highlights a growing global reality: there’s no AI equivalent of a nuclear nonproliferation treaty. Governments are wary, companies are racing, and common rules move slowly while frontier models evolve on quarterly, or even monthly, cycles.
The United Kingdom, now outside the EU, has reportedly been able to test Mythos through its AI safety institute and said it acted based on the results. That contrast adds pressure inside the EU: if some allies have operational insight and others don’t, preparedness becomes uneven, and in cybersecurity, uneven preparedness often shows up as outages, ransomware, and cascading service disruptions.
Why France, and other countries, may move on their own
The French article argues that Germany’s posture should be a warning shot for Paris: don’t wait for Brussels to settle the debate. Build a national framework for controlled evaluation and rapid response, at least for critical sectors.
The bottleneck, as one French cybersecurity expert put it in the report, isn’t just finding vulnerabilities but everything that comes after: patching, crisis management, communications, and coordination among software vendors, contractors, and customers. If AI dramatically increases the volume of exploitable flaws, security operations centers and incident response teams will have to triage faster, automate more, and accept that some risk will remain.
The article also draws a boundary around the current concern: Mythos is being presented as especially strong in cybersecurity, while its creators reportedly describe lower risk, at least for now, on other fronts like helping produce chemical or biological weapons. The immediate policy fight, in other words, is about digital security: who gets access, who can test, and how fast societies can patch what the AI finds.
The broader implication for Europe, and the U.S., is familiar: when a new capability shifts the balance between discovery and defense, the winners aren’t just the ones with the best tools. They’re the ones who can move fastest from “we found a flaw” to “it’s fixed everywhere that matters.”
Key Takeaways
- Germany treats Mythos as a top-priority cybersecurity issue, especially for banks.
- The BSI points to a paradigm shift in threats, despite lacking direct access to the model.
- Anthropic is limiting Mythos to Project Glasswing, involving Apple, Microsoft, Cisco, and about 40 organizations.
- The European Commission is in talks with Anthropic but still has no technical access due to the lack of an agreement.
- France can save time by launching a national review and preparing fast-tracked remediation plans.
Frequently Asked Questions
What is Claude Mythos, and why is it causing concern?
Claude Mythos is an Anthropic AI model described as extremely effective at finding security flaws, including vulnerabilities that human experts or automated tools have never discovered. That power can strengthen defenses, but if misused, it could also speed up cyberattacks and reduce the time available to patch vulnerabilities.
Why is Germany mobilizing first?
In Germany, the issue has been taken up by both the financial regulator BaFin and the federal cybersecurity agency BSI. Authorities anticipate a higher volume of vulnerabilities to fix and a shift in the threat landscape, which directly affects banks and critical infrastructure.
Why doesn’t the European Union have access to Mythos?
The European Commission has met with Anthropic several times since Mythos was announced, but the company has not provided access to the model due to a lack of agreement on sharing terms. Without technical access, the assessment relies on discussions and partial information, which limits independent verification.
What is Project Glasswing?
Project Glasswing is Anthropic’s restricted-access program for Mythos. It includes Apple, Microsoft, and Cisco, as well as about 40 other organizations tied to critical software infrastructure. The stated goal is to limit distribution while enabling controlled use.
What could France do in the short term, concretely?
France could launch a coordinated national review with its cybersecurity stakeholders and critical sectors, define testing and vulnerability-management protocols, and prepare accelerated patching mechanisms. It could also push for controlled access to Mythos’s capabilities in order to produce an independent technical assessment.
Sources
- L’Allemagne examine Mythos, la plus dangereuse des IA d’Antropic : la France devrait suivre
- Anthropic says will put AI risks 'on the table' with Mythos model
- Anthropic's New Mythos A.I. Model Sets Off Global Alarms – The New York Times
- Europe Ponders Claude Mythos From Afar – BankInfoSecurity
- European regulators sidelined on Anthropic superhacking model – POLITICO



