JPMorgan Chase is running live tests of Anthropic's Mythos AI model, the frontier system Anthropic announced on and described as capable of exceeding human cybersecurity experts at finding and exploiting software vulnerabilities. The bank's participation was confirmed through Project Glasswing, the Anthropic-organized coalition of Big Tech and financial institutions that was disclosed alongside the model launch. In an interview, JPMorgan chief executive Jamie Dimon said plainly that AI has made the cyber picture "worse, not better" for the world's largest bank, framing the Mythos trial less as a productivity experiment than a defensive measure.
What JPMorgan Is Actually Running
Project Glasswing, according to Anthropic's launch materials, is limited to a small set of organizations that Anthropic believes operate software at the scale where a Mythos-class model finding a novel vulnerability first would matter. JPMorgan sits alongside Amazon, Apple, Google, and Microsoft in that group. Anthropic's framing is narrow: use Mythos to scan the participant's own code for flaws before adversaries using a similar model find them.
The bank has not disclosed specific code paths being scanned. What Dimon confirmed in the interview is the structure: JPMorgan engineers are running Mythos against internal systems in a controlled environment, isolating the findings, and routing them into the bank's existing vulnerability management process. Jack Clark, Anthropic's co-founder and policy chief, described the broader intent at this week's Semafor World Economy conference.
"We're releasing it to a subset of some of the world's most important companies and organizations so they can use this to find vulnerabilities. There will be other systems just like this in a few months from other companies, and in a year to a year-and-a-half later, there will be open-weight models from China that have these capabilities. So the world is going to have to get ready for more powerful systems that are going to exist within it."Jack Clark, Co-founder and Policy Chief, Anthropic
That last line is the one that reshaped how JPMorgan's security organization is talking about the test. If the capability leaks into open weights within 18 months, a bank sitting on trillions of dollars of transaction volume does not get to wait for the second generation.
Dimon's "Worse, Not Better" Framing
Jamie Dimon has spent years describing cybersecurity as JPMorgan's single largest operational risk, and the bank spends roughly $15 billion annually on technology, with a significant slice routed into security. His assessment of AI's effect on that posture has shifted over the last six months.
Earlier in 2025, Dimon's public remarks on AI leaned optimistic, framing the technology as a force multiplier for fraud detection and anomaly identification. The Mythos announcement changed the messaging. His new framing: AI is compressing the time between vulnerability disclosure and active exploitation, and the defender's advantage is shrinking.
"AI has made it worse, not better. It has accelerated what attackers can do, and the defensive tooling is playing catch-up. We are running Mythos because we have to, not because it is a productivity story."Jamie Dimon, CEO, JPMorgan Chase
Industry data supports the premise. IBM's 2025 Cost of a Data Breach Report found the average time to identify and contain a breach declined only modestly year over year despite rising security spend, and that generative AI-assisted phishing campaigns are producing measurably higher click-through rates than traditional templates. The Mythos release, which moves AI capability up the stack from social engineering into active vulnerability discovery, is what Dimon is reacting to.
How Mythos Differs From Prior Coding Models
Mythos is not a general-purpose upgrade over Claude Opus. Anthropic positioned it specifically as a cybersecurity-tuned model, with evaluations conducted by the United Kingdom's AI Security Institute. The institute's published assessment described the model as a "step up" on offensive cyber evaluations.
"Mythos Preview can exploit systems with weak security posture, and it is likely that more models with these capabilities will be developed."UK AI Security Institute, Mythos Evaluation Report
David Sacks, formerly the White House AI and crypto czar and a frequent Anthropic critic, said on the All-In podcast that even skeptics should take the release seriously.
| Capability | Prior frontier coding models | Mythos (per Anthropic, UK AISI) |
|---|---|---|
| Single-vulnerability identification | Strong | Stronger, higher recall on novel classes |
| Exploit chaining | Limited, often required human stitching | Autonomous chaining across multiple bugs |
| Systems with weak security posture | Useful for triage | Capable of end-to-end exploitation |
| Release posture | Broad API access | Select customers only, Glasswing gated |
The framing matters for JPMorgan because the bank's threat model has always assumed that a capable actor with unlimited time could eventually find a flaw in any sufficiently complex system. What Mythos changes is the "unlimited time" assumption. The question becomes whether defenders can run the same model against their own code faster than attackers can run equivalents against the outside of it.
The White House Dimension
The bank's Mythos trial is unfolding against a rapidly shifting federal picture. Earlier this month we covered how the White House Office of Management and Budget moved to open federal agency access to Mythos, and Anthropic CEO Dario Amodei met White House chief of staff Susie Wiles on to discuss collaboration on cybersecurity, AI safety, and maintaining a U.S. lead in the AI race.
The convergence is unusual. A private bank, a San Francisco AI lab that the Pentagon labeled a supply-chain risk in January, and the Office of Management and Budget are all running parallel workstreams on the same model in the same month. The common thread is that none of the three parties believe the alternative, waiting for a comparable capability to surface from elsewhere, is a defensible posture.
What Banks Without Glasswing Access Are Doing
JPMorgan's position inside Project Glasswing gives it something most financial institutions do not have: direct early access to the exact capability adversaries will eventually wield. Second-tier banks, regional institutions, and most of the global banking sector are not in the coalition.
The Financial Services Information Sharing and Analysis Center, the sector's primary threat intelligence body, has been briefing members on Mythos-class risks since the April 7 announcement. The practical advice has converged on three areas: accelerate patching cadences for known vulnerabilities, invest in automated code review before any AI-assisted attacker gets to the same code, and assume that models with similar offensive capability will be commercially available within a year.
Our earlier reporting on the broader cybersecurity reckoning Anthropic's Mythos release has triggered lays out how the defender-attacker dynamic shifts as these models diffuse. The JPMorgan test is one of the first concrete data points on how large enterprises operationalize that shift.
Open Questions
Three things remain unresolved. First, Anthropic has not disclosed what happens to vulnerabilities Mythos surfaces inside Glasswing partners. If JPMorgan finds a severe flaw in a piece of shared infrastructure, responsible disclosure norms apply, but the speed of that disclosure cycle, and who coordinates it, is not public.
Second, the bank has not stated what Mythos access means for its headcount plans in application security. Dimon has been consistent that AI would reduce some roles at JPMorgan, and the most exposed roles are exactly the junior security analyst positions that a capable code-review model could displace. The bank employs tens of thousands of technologists, and the question is whether this shift is gradual redeployment or something sharper.
Third, and most important for the rest of the sector, is the timeline on commoditization. If Clark's prediction holds, an open-weight model with similar capabilities will exist within 18 months, and the protective moat of Glasswing access disappears. At that point every defender has the capability, and so does every attacker. The window in which early access provides asymmetric defense is narrow, and the work JPMorgan does inside it will shape how the bank's security posture looks on the other side.
Tesla reports earnings on , but Anthropic's own compute build and its custom chip partnership with Google and Broadcom are the more relevant signals for whether the Mythos capability stays singular or quickly replicates. Watch for how quickly other labs disclose comparable evaluations.
