Article image
SEIKOURI Inc.

The New AI Panic Is Not About Chat

Markus Brinsa 18 Apr 20, 2026 9 9 min read Download Web Insights Edgefiles™ seikou.AI™

Sources

The meeting that should have broken the mood

For years, the public conversation about AI has been split between two irritating extremes. On one side, the cheerful productivity sales pitch. On the other, the giant flaming asteroid of hypothetical doom. In between sat the part that actually matters: the moment when a capability becomes serious enough that boring institutions begin to move.

That moment may have arrived with Mythos.

Not because the internet needed another grandiose model name. Not because an AI lab said its new system was unusually powerful. Silicon Valley says that before breakfast. What made this episode different was the speed with which the reaction jumped the usual rails.

Reuters reported that Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell convened an urgent meeting with major U.S. bank CEOs over the cyber risks tied to Anthropic’s latest model. CBS reported Kristalina Georgieva warning that “time is not our friend,” and saying the world does not currently have the ability to protect the international monetary system against massive cyber risk. Reuters then reported that British regulators were holding urgent talks with the National Cyber Security Centre and major banks over the same class of concern. That is not normal product-launch theater. That is institutional nervousness.

When central bankers, finance ministries, and critical infrastructure guardians all start leaning forward at once, it usually means the story has stopped being about software features. It has become a control problem.

What Anthropic actually claimed

Anthropic did not present Mythos as a clever chatbot with better manners. It presented Mythos Preview as a general-purpose model that is “strikingly capable” at cybersecurity tasks and announced Project Glasswing, a controlled initiative that gives selected partners access for defensive work on critical software. Anthropic’s red-team material says Mythos Preview identified and exploited zero-day vulnerabilities in every major operating system and every major web browser during testing, described thousands of additional high- and critical-severity vulnerabilities under responsible disclosure review, and documented examples ranging from a 27-year-old OpenBSD bug to chained Linux kernel privilege-escalation exploits.

NPR/WVTF summarized the basic point plainly: the models have moved from hallucination-era comedy into a phase where they can materially help find serious security flaws.

That is the first important distinction. Mythos may or may not deserve every inch of the panic around it. Some skepticism is healthy, especially when an AI company is the one narrating the danger of its own product. But the harder fact to ignore is that the claim pattern itself has changed. We are not looking at another benchmark chest-thump or another press release about how a model writes nicer code. We are looking at a frontier model being framed as a cyber actor.

And once that frame enters the room, every comfortable analogy starts to break.

The old AI debate was too neat

Most popular AI arguments still assume a relatively tidy sequence. First the models get broadly better. Then society slowly absorbs them. Then regulation catches up badly. Then eventually something goes terribly wrong at scale.

Mythos suggests a nastier possibility. Capability may not expand in a smooth consumer-facing line. It may jump in specific high-leverage domains that matter disproportionately to state capacity, financial resilience, and critical infrastructure security. In that world, you do not need a generally omnipotent model to trigger a governance crisis. You need a model that is unusually good at exposing brittle software, chaining vulnerabilities, accelerating exploit discovery, or automating pieces of technical work that used to bottleneck offensive and defensive cyber operations.

That is why the Mythos issue feels larger than Anthropic. It points to an uncomfortable shape of progress. AI risk may arrive in operational wedges. Cyber first. Then AI-on-AI research acceleration. Then internal model monitoring. Then automated security work. Then the same systems being proposed as the solution to the instability they helped create.

At that point, the argument stops being “should we be worried about AI someday?” and becomes “which institutions are fit to manage concentrated machine capability right now?”

The most revealing document was the risk report

Anthropic’s public risk report on Mythos Preview is more revealing than the headlines because it captures the contradiction in unusually clean language. The report says Mythos Preview appears to be the best-aligned model Anthropic has released to date. It also says the model is significantly more capable, more autonomously and agentically used than prior models, and that Anthropic identified errors in its own training, monitoring, evaluation, and security processes during development. The public report concludes that overall risk is “very low, but higher than for previous models,” and says progress on mitigations must accelerate as capabilities rise. That is a far more important sentence than it may look.

For years, the industry has sold a fairly comforting story in which better alignment and better safety methods would let labs keep capability scaling under reasonable control. The Mythos report hints at the harder reality: a model can be more aligned than its predecessors and still be more dangerous, simply because capability gains outrun the control surface.

That means “better behaved” is not the same thing as “governable.” It means alignment, if defined too narrowly, can improve while operational risk still rises.

That distinction matters enormously for executives and policymakers. Because once a model is powerful enough to help work around restrictions, identify latent weaknesses, and operate more autonomously inside complex technical workflows, the question is no longer whether it is polite, helpful, or nominally safety-tuned. The question is whether your monitoring, access controls, deployment design, and incident response assumptions were built for systems at this level. Anthropic’s own answer, implicitly, is: not yet fast enough.

Why the banks reacted

It is tempting to caricature bank executives as late to everything except bonuses, but their concern here is rational. Large financial institutions do not need Mythos to become publicly available to have a problem. They only need a world in which models with similar capabilities diffuse, are copied, are approximated, or are internally deployed by attackers, vendors, contractors, states, or reckless competitors.

Modern finance is not just balance sheets and market plumbing. It is an enormous lattice of software dependencies, aging infrastructure, vendor ecosystems, authentication systems, browser surfaces, cloud integrations, and institutional assumptions about uptime, trust, and recoverability. A model that materially lowers the cost of surfacing and exploiting weaknesses in widely used software does not need to attack a bank directly to matter to financial stability. It can hit service providers, middleware, network dependencies, identity layers, customer endpoints, third-party software, or any piece of shared infrastructure that turns localized technical weakness into systemic operational stress.

This is why the Mythos story is not really a banking story. It is a dependence story. Finance reacted fast because finance has learned, often painfully, that systemic fragility rarely announces itself politely. It arrives through interconnection.

The deeper Mythos problem is strategic asymmetry

The most important asymmetry in this story is not simply attacker versus defender. It is controlled access versus broad vulnerability.

Anthropic is trying to manage that gap through Project Glasswing, restricting access to selected organizations and using the model for defensive hardening.

In the near term, that is probably better than simply tossing a model like this into public circulation and hoping society enjoys the learning experience. But the structure is still strange. A private company develops a system that may alter the cyber risk profile of critical infrastructure, shares it with a privileged set of partners, briefs governments, alarms financial authorities, and implicitly asks the rest of the world to trust both its internal assessments and its access strategy.

That is not a stable long-term governance model. It may be necessary in the short run. It may even be the least bad option available in the moment. But it leaves a structural question hanging in the air: who gets the head start when frontier systems discover weaknesses in infrastructure that everyone depends on?

If the answer is “a small club of labs, governments, and strategic partners,” then AI safety has already moved into the politics of privileged access. If the answer is “eventually everyone,” then the race condition gets worse. Either way, the mythology of open progress gives way to the much less charming reality of capability rationing.

The Ajeya problem in the background

This is where the Ajeya Cotra conversation becomes relevant, not as philosophical garnish but as a warning about sequencing. In the recent 80,000 Hours discussion, she argues that there may be a narrow crunch-time window in which AI automates more of AI research and the same companies building more capable systems intend to use AI labor to solve the safety problems those systems create. She also notes the obvious weakness in that plan: the commitments remain vague, the redirection of resources is not quantified, and competitive pressure inside a recursive self-improvement loop could be irresistible.

Mythos makes that concern feel less abstract. Because here we already have a public example of the same logic in a more domain-specific form.

Build a system with dangerous cyber capability. Restrict it. Use it to defend critical software before others catch up. Hope the timeline is long enough. Hope the incentives hold. Hope the institutions coordinate. Hope the same basic engines of acceleration can be pointed toward stabilization faster than they can be pointed toward exploitation.

That is not irrational. But it is precarious. The plan, in plain English, is to outrun the consequences of your own breakthrough.

The governance gap is now embarrassingly visible

The IMF warning matters because it strips away the startup romance. Once a managing director of the IMF is publicly saying the world lacks the ability to protect the international monetary system against massive cyber risk, the issue is no longer whether frontier labs have clever safety frameworks. The issue is whether public institutions, regulatory structures, and cross-border coordination mechanisms are remotely matched to the capability gradient that is arriving. Right now, the answer appears to be no.

The evidence is sitting in full view. Companies are making deployment decisions with global externalities. Governments are getting briefed reactively. Banks are being warned after the fact. Regulators are scrambling into urgent talks. Public understanding is fragmented between people who think this is overhyped lab PR and people who talk as if machine godhood is scheduled for next Thursday. Neither camp is useful enough.

The better interpretation is more sober and, in its own way, more alarming.

We may be entering a phase where AI risk becomes legible first through systems that are good enough to destabilize critical domains without being magical enough to settle any of the big philosophical arguments. That is a governance nightmare, because institutions tend to respond best either to slow-moving regulation problems or to obvious catastrophe. What they handle badly is a fast-moving technical escalation that is real, uneven, deniable, and distributed across public and private actors.

That is exactly what the Mythos story looks like.

What leaders should actually take from this

The temptation will be to treat Mythos as either a one-off Anthropic spectacle or as the dawn of total cyber apocalypse. Both reactions are intellectually lazy.

The more useful conclusion is that frontier AI has entered a phase in which capability spikes in narrow but strategic domains can force top-level institutional response before society has anything resembling mature governance for them. That changes what serious leaders should watch. Benchmarks matter less than operational productivity. Model personalities matter less than what these systems can actually do inside technical workflows. Public release status matters less than whether comparable capability is diffusing across labs, states, contractors, or open ecosystems. And safety messaging matters less than whether hard controls, disclosure obligations, access rules, and incident coordination are keeping pace.

The Mythos issue is not that one company built a scary model.

The Mythos issue is that advanced AI is now beginning to collide with the exact parts of modern society that fail messily when they are stressed: finance, infrastructure, software trust, and institutional coordination.

That is why central bankers blinked. And if they blinked already, everyone else should stop pretending this is still just a product category.

About the Author

Markus Brinsa is the Founder & CEO of SEIKOURI Inc., an international strategy firm that gives enterprises and investors human-led access to pre-market AI—then converts first looks into rights and rollouts that scale. As an AI Risk & Governance Strategist, he created "Chatbots Behaving Badly," a platform and podcast that investigates AI’s failures, risks, and governance. With over 30 years of experience bridging technology, strategy, and cross-border growth in the U.S. and Europe, Markus partners with executives, investors, and founders to turn early signals into a durable advantage.

©2026 Copyright by Markus Brinsa | SEIKOURI Inc.