Goldman Sachs used Monday’s Q1 earnings call to confirm what had been in the air since last week’s Treasury meeting: the bank is working closely with Anthropic and several security vendors to manage the cyber risks around Claude Mythos.
What Goldman actually said
The official line: Goldman is already using Mythos internally and, at the same time, working with Anthropic and security vendors to assess the threats the model could enable. That’s the first official confirmation from a Wall Street bank that Mythos isn’t just being evaluated in theory — it’s in production use.
CEO David Solomon was in Washington on April 8 for the hastily arranged meeting between Treasury Secretary Scott Bessent, Fed Chair Jerome Powell and the CEOs of Citi, Morgan Stanley, Bank of America, Wells Fargo and Goldman. JPMorgan’s Jamie Dimon was the only one who couldn’t make it. Topic: how US banks should prepare for Mythos and successor models.
Mythos as threat and defense
What’s interesting about Goldman’s confirmation: Mythos is simultaneously the threat and the defense. The same model that surfaced thousands of high-severity vulnerabilities across operating systems and browsers is now being used to close those gaps in banks’ own stacks. Anthropic has rolled out the model via Project Glasswing to 11 founding partners and roughly 40 additional organizations — JPMorganChase is officially named, and Goldman clearly has access too.
My take
Three weeks ago Mythos was primarily a research note. Now it’s a boardroom cybersecurity topic. A bank like Goldman mentioning it on an earnings call is not accidental — shareholders want to know how seriously the firm is taking the new threat landscape.
A new pattern is forming here. Critical infrastructure — banks, cloud providers, chipmakers — gets preferred access to a model that is withheld from the public. That’s a different logic than Claude Opus or Sonnet. We’re watching frontier AI split into clearly defined access tiers in real time.
Sources: