Anthropic’s AI Hunts Vulnerabilities for Japanese Banks

Japan’s three largest financial institutions are poised to join an exclusive club of organizations testing a powerful new AI tool designed to uncover critical security flaws. According to a source familiar with the matter who spoke to Reuters on Tuesday, Mitsubishi UFJ Financial Group (MUFG), Mizuho Financial Group, and Sumitomo Mitsui Financial Group (SMFG) will gain access to Anthropic’s Claude Mythos within roughly two weeks. This marks the first time a Japanese company has been brought into the restricted preview, which until now has been limited to partners in the United States and a handful of European nations.

The banks were informed of their inclusion during meetings in Tokyo this week with US Treasury Secretary Scott Bessent. Onboarding is expected to be completed by the end of May, placing these lenders at the forefront of a technology that regulators and executives alike have described as a potential turning point for cybersecurity.

Since Anthropic revealed Mythos earlier this month, the model has been treated as a category-shifting event. It has identified thousands of previously unknown zero-day vulnerabilities across every major operating system and web browser. In internal testing, Mythos even produced working exploit chains capable of escaping both renderer and operating-system sandboxes in a browser. Just last week, Mozilla shipped Firefox 150 with fixes for 271 vulnerabilities discovered by Mythos in a single evaluation pass.

Anthropic has not released Mythos to the public. Instead, the company is running a controlled rollout under Project Glasswing. The program includes 12 named launch partners,such as AWS, Apple, Cisco, Google, JPMorganChase, Microsoft, Nvidia, and Palo Alto Networks,along with roughly 40 additional institutions granted access on a case-by-case basis.

Japan’s inclusion follows recent moves by US and UK regulators. Weeks ago, the Federal Reserve and US Treasury convened American bank chief executives for a briefing on cyber risks. UK regulators have also committed to briefing major British banks within days. Tokyo is moving in parallel. Finance Minister Satsuki Katayama announced the formation of a 36-entity public-private working group on Mythos-class risks, comprising the country’s major banks, the Bank of Japan, and the Japanese units of Anthropic and OpenAI. The group, chaired by Mizuho’s chief information security officer, is tasked with identifying exposures, implementing defensive measures, and drafting contingency plans for a coordinated patching push across the Japanese financial system.

For the three banks involved, the immediate challenge is operational. Under Glasswing terms, Mythos is delivered with restrictions on output disclosure. The model is used to find vulnerabilities in a partner’s own systems and to draft remediation, not to publish exploits. The Mozilla case provides a template: 271 vulnerabilities patched in a single Firefox release after a Mythos sweep, with findings handed back to engineers under strict non-disclosure.

The geopolitical dimension is unusually visible. Bessent’s role in conveying the access decision in Tokyo aligns the Mythos rollout with US Treasury statecraft rather than Anthropic’s commercial sales channel, an arrangement that has drawn complaints from European capitals. Eurozone finance ministers raised the issue at an Ecofin meeting last week, where no EU government had access to the model while the White House was reported to be blocking further expansion of the partner list.

Industry views on Mythos remain split. Some cybersecurity researchers argue that the vulnerabilities Mythos surfaces are reachable through clever orchestration of public models, and that the bigger story is the rapid improvement of frontier AI in offensive cyber rather than Mythos itself. Others, including Anthropic CEO Dario Amodei, have described the moment as a “cyber moment of danger” that justifies the strict access controls.

Anthropic and the three Japanese banks did not immediately respond to requests for comment, according to the Reuters source’s account.