On Tuesday April 8, Treasury Secretary Scott Bessent and Federal Reserve Chairman Jerome Powell summoned the CEOs of every systemically important bank in America to an emergency meeting at Treasury headquarters. Citigroup’s Jane Fraser. Morgan Stanley’s Ted Pick. Bank of America’s Brian Moynihan. Wells Fargo’s Charlie Scharf. Goldman’s David Solomon. The subject was a cybersecurity threat so severe that the two most powerful financial regulators in the country called a surprise session to warn the people who run the banking system.

One CEO was invited but did not attend. Jamie Dimon. JPMorgan Chase.

He did not need the warning. His bank already has the weapon.

JPMorgan is a launch partner of Project Glasswing, the private consortium Anthropic built around Claude Mythos Preview, the model Powell and Bessent were warning everyone else about. While five bank CEOs sat in a room learning their systems might be vulnerable to an AI that converts discovered software flaws into working exploits 72.4 percent of the time, JPMorgan was already running that AI against its own code. The bank that skipped the meeting is the only one that knows exactly how bad the exposure is, because it has the tool that creates the exposure.

Now hold three facts simultaneously. On Tuesday the Treasury Secretary convened an emergency cybersecurity briefing about Anthropic’s model. The same week, a federal appeals court denied Anthropic’s request to block the Pentagon’s designation of the company as a national security threat. And Anthropic briefed CISA, the government’s own cybersecurity agency, before the launch.

The company the President ordered every federal agency to blacklist is briefing the government’s cybersecurity agency on the model the Treasury Secretary is warning banks about. The company the Pentagon calls a supply-chain risk built a tool that found a 27-year-old remote code execution vulnerability in OpenBSD, a 16-year-old flaw in FFmpeg that five million automated tests missed, and privilege escalation chains in the Linux kernel that grant root from an unprivileged user. Fewer than one percent of the vulnerabilities Mythos has discovered have been patched. The disclosure pipeline is not slow. It is overwhelmed.

Mythos does not fuzz. It reads code the way a senior exploit developer reads code, except it reads all of it simultaneously, understands compiler behavior, maps memory layouts, and sees the geometry of flaws that coverage-guided testing is structurally blind to. On Firefox’s JavaScript engine, the prior model produced two working exploits out of several hundred attempts. Mythos produced 181. It wrote a browser exploit that chained four vulnerabilities, built a JIT heap spray, and escaped both the renderer sandbox and the operating system sandbox without human input. Nobody trained it to do this. The capability emerged from general reasoning improvements. Every frontier lab currently scaling is on a trajectory toward the same emergent weapon whether they know it or not.

Anthropic’s response was not to sell it to the Pentagon that blacklisted them or the banks that Powell is warning. They built a private defensive coalition of fifty organizations, committed $100 million in free compute, and started a 90-day clock. By early July the Glasswing report will show either the largest coordinated vulnerability remediation in software history or proof that AI discovery speed has already outrun human patching capacity.

Jamie Dimon did not attend the meeting because he did not need to. That asymmetry is the new equilibrium. You either have access to the tool or you are sitting in a room being warned about it.