ECB’s Elderson urges euro zone banks to prepare for AI-led cyberattacks

European Central Bank board member Frank Elderson on Wednesday urged banks in the euro area to accelerate preparations against potential cyberattacks that could be launched using Anthropic’s Mythos AI model or similar technologies.

Frank Elderson, who also serves as Vice Chair of the ECB’s bank supervision arm, made the remarks in an interview published in the ECB’s Supervision Newsletter.

He said banks in the euro area currently do not have access to Mythos, but warned that this should not delay defensive preparations.

“Lack of access is not an excuse for inaction. On the contrary, it makes it even more critical that banks step up and act now,” Elderson said, as mentioned in a Reuters report.

ECB raises concerns over emerging AI cyber risks

The comments come as concerns grow globally over the cybersecurity implications of increasingly advanced artificial intelligence systems.

Earlier this week large US banks, which have reportedly been granted early access to Mythos, are moving quickly to address numerous weaknesses in their data systems that were identified by the AI model.

Mythos has emerged as a major concern among cybersecurity experts because of its ability to identify and exploit software vulnerabilities at a highly advanced level.

The model has prompted warnings from regulators and policymakers over the risks associated with AI-powered cyber threats.

Elderson warned that financial institutions should not focus only on the current version of the technology but also prepare for future AI systems that could become even more aggressive and capable.

Mythos AI seen as major cybersecurity challenge

Anthropic officially revealed Mythos in April 2026.

The company described it as a frontier-level, general-purpose AI model with highly advanced cybersecurity capabilities.

According to details provided about the system, Mythos has demonstrated an ability to identify and exploit vulnerabilities in software systems, including flaws that have remained undetected for decades.

During testing, the model reportedly generated working exploits on its first attempt more than 83% of the time, often outperforming human cybersecurity specialists.

The model is also capable of identifying so-called “zero-day” vulnerabilities, which refer to previously unknown software flaws in operating systems and web browsers.

Due to concerns over potential misuse, Anthropic has not made Mythos publicly available.

Instead, the company launched an initiative called Project Glasswing, under which access is restricted to vetted partners including Microsoft, Apple, Amazon Web Services, Google, and Nvidia.

These companies are permitted to use the model for defensive cybersecurity purposes, including identifying and patching vulnerabilities.

Concerns grow over misuse and unauthorised access

Beyond cybersecurity applications, Mythos is designed to support complex software engineering and multi-step reasoning workflows.

Anthropic has described it as representing a “new class of intelligence” above its Claude Opus tier.

However, concerns have intensified because of the model’s ability to autonomously locate and exploit software bugs, raising fears about how such technology could be misused if it falls into the wrong hands.

Reports in April 2026 suggested that a small group of users gained unauthorised access to Mythos through a private online forum.

Although those users reportedly did not use the model for hacking activities, the incident heightened concerns about the risks associated with uncontrolled access to advanced AI systems.