Canada’s top financial watchdog just told the country’s biggest banks to start worrying about an AI model most people haven’t even heard of yet. The Office of the Superintendent of Financial Institutions (OSFI) sent an urgent warning on April 29 to banks and insurers flagging cybersecurity risks tied to Anthropic’s Claude Mythos, an AI system built to discover software vulnerabilities at a pace that makes traditional methods look like a dial-up connection.
The warning went directly to chief technology officers, information security leads, and risk officers at major Canadian financial institutions.
What Claude Mythos actually does, and why regulators are nervous
Claude Mythos is a specialized AI model designed to scan software for vulnerabilities faster than any human team could manage. Banks that received limited access to the tool reportedly uncovered hundreds to thousands of previously unknown vulnerabilities, forcing them into emergency remediation sprints.
Anthropic itself has acknowledged the dual-use problem. The company analyzed 832 banned malicious accounts between March 2025 and March 2026, and concluded that AI is actively making cyber criminals more effective.






