
The IMF Just Rang the Fire Alarm. And It's Not Just One Company.



The head of the International Monetary Fund doesn't do panic. That's not the job. Kristalina Georgieva spent her career managing sovereign debt crises, currency collapses, and global recessions. She's the person the world calls when things get bad. So when she goes on Face the Nation and says "time is not our friend on this" about an AI model, you should probably pay attention.


The model she's talking about is Claude Mythos Preview, Anthropic's latest release. And it didn't just get a quiet blog post. It got an emergency meeting between Federal Reserve Chair Jerome Powell, Treasury Secretary Scott Bessent, and the CEOs of the largest Wall Street banks. The Treasury Department is already scheduling follow-on coordination meetings with regulators. That's not hype. That's a five-alarm response. But here's what most coverage is missing: Anthropic isn't alone. This is a pattern, and it's accelerating.


What Mythos Actually Did

Anthropic's system card for Mythos (244 pages) describes a model that autonomously scanned codebases and found thousands of high-severity zero-day vulnerabilities across every major operating system and every major web browser. Some of those bugs had been sitting undetected in production code for decades. The key word is autonomously. Previous tools could find vulnerabilities if you pointed them at the right piece of code. Mythos scans the entire codebase, finds the weak point buried in millions of lines, and then validates that it produces a real, working exploit. Both steps. End to end. Without a human in the loop.


That's a qualitatively different capability. Anthropic knew it. Rather than release it publicly, they assembled a closed coalition under Project Glasswing: AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, Palo Alto Networks. The idea is to give defenders a head start before this capability proliferates. They committed $100 million in usage credits to fund defensive work. That's not a PR move. That's a company that genuinely believes it built something dangerous.


Then There's Spud

Axios reported this week that OpenAI is finalizing its own product with advanced cybersecurity capabilities, internally known as “Spud”, and is planning an identical strategy: limited release, select partners only, phased rollout. Read that again. Two of the most advanced AI labs in the world, independently, have built models so capable at hacking that they won't release them to the public. And both are using the same containment playbook. That's not a coincidence. That's a convergence point. The industry has quietly crossed a threshold, and the two leading labs are signaling it simultaneously, through controlled leaks, emergency government briefings, and hundred-million-dollar defensive programs.


If Anthropic and OpenAI are both here, the question isn't whether this capability exists. The question is who else is building it and what their release strategy looks like.


The Part That Should Keep You Up at Night

Here's where it gets uncomfortable. Researchers at AI security firm AISLE tested several of the specific vulnerabilities Mythos highlighted using smaller open-weight models. Models anyone can download for free. On isolated code segments, they got comparable results. Now, there's a caveat: those researchers already knew which part of the code to target. Mythos finds the needle in the haystack without being told where to look. That distinction matters, until someone builds a pipeline that chunks a large codebase into segments and feeds each piece through a smaller model sequentially. The infrastructure to do that exists today. It's not a research project. It's an afternoon of engineering.


What This Means for Infrastructure and Finance

I've spent the last several years working at the intersection of AI systems and physical infrastructure. Most of that conversation has been about compute, power, and data center density. This week it got a different dimension.


The IMF's concern isn't abstract. The global financial system runs on software: SWIFT, ACH, settlement networks, trading platforms, central bank systems. All of it. And most of that software has a security posture built for a world where sophisticated attacks required sophisticated, expensive human expertise. That world is ending.


What Mythos and Spud represent is the industrialization of vulnerability discovery. The skill floor for a catastrophic cyberattack is collapsing. Powell and Bessent didn't call that emergency meeting because they were bored on a Tuesday. The defenders have a window. Project Glasswing is an attempt to use the same offensive capability for defense. It's the right instinct. But it assumes the coalition holds, the access controls work, and no comparable model gets independently developed (or leaked) outside that circle. Each of those assumptions deserves serious scrutiny.


The Bigger Pattern

What I keep coming back to is the asymmetry. A model like Mythos can scan every line of code in a major OS faster than a human team can read the documentation. Defenders cannot patch every vulnerability it finds in any comparable timeframe. The attack surface expands faster than the repair rate. One lab doing responsible containment is a good story. Two labs doing it simultaneously, with the Treasury Secretary and the Fed Chair in the room, is a different story entirely.


The pattern is clear. The question now is whether the institutions that underpin global commerce can move fast enough to match it.

Time is not our friend on this one.



© 2018 Rich Washburn
