India stress-tests banking software against Anthropic's most powerful AI model
India's government is running emergency security audits of its financial and government systems after Anthropic's Claude Mythos, an unreleased AI model, discovered tens of thousands of software vulnerabilities across every major operating system. Finance Minister Nirmala Sitharaman has flagged significant risks to the country's banking sector.
The stress-testing began in late April to early May 2026. The Reserve Bank of India and critical infrastructure protection agencies are coordinating with finance ministry officials in what amounts to an unscheduled mobilization of cyber defenses.
What Mythos found
During internal testing, Mythos uncovered serious flaws in every major operating system and web browser. The numbers dwarf what previous models detected: roughly 500 vulnerabilities for Opus 4.6, compared to tens of thousands for Mythos.
On a Firefox-specific benchmark measuring autonomous exploit development, Mythos successfully executed 181 times. Opus achieved nearly zero.
The model doesn't just find vulnerabilities-it autonomously develops exploits. This capability is why Anthropic has not released Mythos publicly. Governments treat it as a weapons system, not software.
Why India is mobilizing
If a single AI model can autonomously discover and exploit vulnerabilities across every major operating system, the threat landscape shifts fundamentally. The flaws Mythos identifies in traditional software don't stop at financial systems-they create exposure across critical infrastructure.
Unscheduled meetings between government officials and banking executives signal the severity of the assessment. India is also seeking access to Mythos for domestic enterprises, though testing access currently remains limited to around 40 U.S. companies, including Microsoft and JPMorgan Chase.
The access question
India's push for Mythos access reflects a broader conversation about equitable distribution of frontier AI capabilities. If cybersecurity-critical tools remain concentrated among a few dozen American firms, governments will increasingly treat AI access as a matter of national security rather than corporate procurement.
For government officials responsible for digital defense, this moment clarifies a practical reality: the countries and organizations with access to the most capable AI tools shape the security posture of everyone else. AI for Government and AI for Cybersecurity Analysts resources can help officials understand both the capabilities and the policy implications.
The Indian government's response is likely a preview of how other nations will approach frontier AI in the coming months.
Your membership also unlocks:
