May 9, 2026

The Fed Chair Called Banks Over an AI That Found Everything

Anthropic's Mythos found thousands of zero-days. The Fed called. Here's what builders need to know.

Anthropic built an AI model that found thousands of zero-day vulnerabilities in every major operating system and web browser. The Federal Reserve chair and the Treasury secretary called bank CEOs to discuss it.

The Breaker

Anthropic’s Mythos isn’t just another vulnerability scanner. It found thousands of zero-days across every major OS and browser. We aren’t talking about XSS or CSRF. We are talking about kernel-level breaks and firmware flaws that skilled teams spend months hunting.

This changes the game. The economics of offensive security just collapsed. A team of elite researchers might find one zero-day in a month. Mythos found thousands. The company stated there is a 6 to 12 month retrain cycle, meaning the models get smarter and the vulnerability pool grows.

This is why the Fed called. When a single model can break the entire software ecosystem, the threat model isn’t “increased risk.” It is “total vulnerability.” Every system is a target. The playing field just flipped.

The Fixer

The panic is warranted. But so is the opportunity. If the cost of finding vulnerabilities drops to zero, the cost of fixing them must do the same.

Enter Intruder.

A manual penetration test costs between $10,000 and $50,000. It takes weeks to schedule and days to execute. By the time the report lands, the architecture has changed. Intruder built an AI that performs the same job in minutes. It scans, exploits chained vulnerabilities, and generates a remediation report automatically.

If Mythos is the warning shot, Intruder is the rapid response. The window between “vulnerability discovered” and “vulnerability patched” just shrunk from weeks to minutes.

The Market Reacts

Don’t take our word for it. Watch the money.

Akamai locked down a $1.8 billion cloud deal with a “leading frontier model provider.” Bloomberg identified the client as Anthropic. Their stock had its best day in 22 years.

Simultaneously, Google launched a $99 AI health coach, and Whoop bet on real human doctors. The divergence in strategy tells you everything. Builders are betting the house on inference. The security industry is betting on models ingesting their entire codebase. The AI race is an infrastructure race, and security is the gating factor.

The Signal

For builders, the signal is brutally clear: security is now a bottleneck, and AI is the only wrench that fits.

If you are shipping software without an AI-driven security feedback loop, you are building sandcastles in a hurricane. The attackers have Mythos. The good security teams have Intruder. The rest are relying on hope.

The next generation of security tools won’t just scan your code. They will reason about it, exploit it, and generate the fix. The builders who integrate this into their CI/CD pipeline today won’t be the ones getting calls from the Fed tomorrow.

Vulnerability discovery is automated. If you don’t ship with an AI security layer, you are shipping blind.