The European Union is seeking deeper U.S. talks on advanced AI cyber models as Anthropic's Mythos-class systems raise concerns about vulnerability discovery, safeguards and the shrinking patch window.
Last checked: May 31, 2026. This article uses CNBC reporting on EU-U.S. talks, CERT-EU guidance, and Anthropic's public Project Glasswing materials. Some details about government-to-government talks and Mythos preview access come from reported confidential discussions, so they should be treated as developing rather than final policy.
Quick answer
The European Union is seeking to intensify discussions with the U.S. administration on advanced AI models with cyber capabilities, according to CNBC reporting citing a European Commission spokesperson. The talks come as Anthropic's unreleased Claude Mythos Preview and future "Mythos-class" systems raise concern that frontier AI can help find, reason about and in some cases operationalize serious software vulnerabilities.
This is not just a diplomatic story. It is a patch-capacity story. Anthropic says Project Glasswing and its partners found more than 10,000 high- or critical-severity vulnerabilities in important software. CERT-EU says AI-powered tools are changing the economics of vulnerability discovery and that defenders need to adapt now.
The practical message for users and businesses is direct: expect faster vulnerability discovery, more pressure on software vendors, and a shorter window to patch critical systems before similar capabilities spread beyond controlled defensive programs.
What happened
CNBC reported on May 29, 2026 that the European Union wants to intensify talks with the U.S. on the most advanced AI models, including models with cyber capabilities. A Commission spokesperson told CNBC that cybersecurity is a shared priority and that the EU and U.S. have agreed to mutually recognize their standards in this area.
The same report said the EU is expanding technical discussions with Anthropic and other model developers that have notified their latest models to the EU AI Office. The article also reported that Anthropic had not granted the EU, its AI Office or most non-U.S. government organizations preview access to Mythos, with the U.K. AI Security Institute described as an exception.
That access question matters because Mythos is not a normal chatbot launch. Anthropic says Claude Mythos 2 Preview is an unreleased frontier model with unusually strong cybersecurity capabilities, strong enough that the company is restricting access and using it through Project Glasswing for defensive vulnerability discovery.
Why Mythos changed the conversation
Anthropic's Project Glasswing materials say Mythos Preview can surpass all but the most skilled humans at finding and exploiting software vulnerabilities. Anthropic says it found high-severity vulnerabilities in major operating systems and browsers, including old issues in OpenBSD and FFmpeg, and a Linux kernel vulnerability chain.
On May 22, Anthropic said Project Glasswing and roughly 50 partners had used Mythos Preview to find more than 10,000 high- or critical-severity vulnerabilities across systemically important software. Anthropic's open-source scan found 23,019 candidate issues, including an estimated 6,202 high- or critical-severity findings, with independent review underway for a subset.
The core policy problem is that the same capability helps both sides:
| Defensive use | Offensive risk |
|---|---|
| Find hidden vulnerabilities before attackers do | Find hidden vulnerabilities for exploitation |
| Generate patches and regression tests | Generate exploit hypotheses and tooling |
| Prioritize critical infrastructure exposure | Map high-value enterprise targets |
| Speed coordinated disclosure | Compress attacker research timelines |
| Test model safeguards before release | Spread capabilities if safeguards fail |
That dual-use nature is why governments are now debating who should get preview access, how safeguards should be tested, and how quickly model providers can safely expand availability.
The 6- to 12-month warning
CNBC reported that Anthropic CEO Dario Amodei warned of a six- to 12-month window to patch tens of thousands of software vulnerabilities uncovered by Mythos before Chinese AI catches up. Anthropic declined CNBC's request for comment in that report.
That warning should be read as a strategic risk estimate, not a precise countdown clock for every company. Still, it matches what defenders are seeing: AI is making vulnerability discovery faster, and open-weight or widely available models may narrow the gap to frontier systems over time.
CERT-EU's April 2026 guidance put the same idea in operational terms. It said AI-powered tools are discovering and exploiting software vulnerabilities at a pace that breaks the traditional patch cycle, and it warned that exploitation of internet-facing software remains a high-impact initial access vector against EU entities.
Why the EU wants deeper U.S. talks
The EU has its own AI Act, AI Office and cybersecurity bodies, but the most powerful frontier models are largely developed by U.S.-based companies. If access decisions, model safeguards and cyber evaluations are controlled mainly through U.S. labs and U.S. government processes, European regulators and defenders may have less visibility into models that affect European critical infrastructure.
The talks therefore appear to center on several questions:
- Can the EU AI Office or European security bodies review Mythos-class models before broad release?
- What safeguards must be in place before models with advanced cyber ability reach customers?
- How should the EU and U.S. coordinate standards without creating conflicting rules?
- How should sensitive cyber findings be shared without leaking exploitable details?
- How can allies move fast without giving adversaries a roadmap?
This is not only about regulation. It is about trust between allies when the technology is strategically sensitive.
What "cyber capabilities" means
In this context, cyber capability does not simply mean a model can write code. It means the model may help with tasks across the attack and defense chain.
Examples include:
- Reconnaissance of software architecture and exposed services.
- Reading code to identify vulnerable patterns.
- Generating proof-of-concept exploit logic in controlled settings.
- Chaining multiple weaknesses into a larger compromise path.
- Reverse-engineering patches or binaries.
- Drafting patches, tests and remediation notes.
- Prioritizing which flaws matter most in real environments.
Anthropic's public examples include OpenBSD, FFmpeg and Linux kernel findings. CERT-EU says its own AI-powered penetration-testing pipeline mirrors professional testing from reconnaissance and code analysis through vulnerability identification, exploitation, remediation and reporting.
The risk is not that AI makes every person an elite attacker overnight. The risk is that it raises the baseline speed and scale of vulnerability research.
What governments need to decide
Governments face a hard balance. If access to Mythos-class models is too restricted, defenders in allied countries may lack tools to test their own critical systems. If access is too broad, similar capabilities could leak, be misused or accelerate offensive development.
The likely policy areas are:
| Policy question | Why it matters |
|---|---|
| Preview access | Determines which governments and security teams can evaluate frontier cyber models before release |
| Safeguards | Sets limits on exploit generation, autonomous scanning and harmful assistance |
| Disclosure | Controls how AI-discovered vulnerabilities are reported to maintainers |
| Export and access controls | Addresses whether advanced cyber-capable models should be shared outside the U.S. |
| Incident reporting | Helps governments know when models are abused or safeguards fail |
| Open-source support | Reduces the burden on maintainers receiving AI-generated reports |
The strongest approach will not be a single rule. It will be a coordinated system of model evaluations, access controls, vulnerability disclosure, funding for maintainers and faster patch deployment.
What businesses should do now
Companies should not wait for the EU and U.S. to finish policy talks before improving their own defenses.
Start with software exposure:
- Identify internet-facing applications, VPNs, firewalls, identity portals and admin tools.
- Build an inventory of critical dependencies, especially parsers, media libraries, cryptography libraries and remote-access components.
- Shorten patch windows for high-risk, internet-facing and privilege-changing flaws.
- Track time from vulnerability disclosure to production deployment.
- Require owners for critical open-source dependencies.
- Test whether emergency patches can ship outside normal release cycles.
Then improve AI-era security operations:
- Use AI to cluster vulnerability reports and remove duplicates.
- Keep humans responsible for severity, disclosure and production changes.
- Add regression tests for security patches.
- Monitor for exploitation before patches are available.
- Harden identity, MFA and privileged access because vulnerability exploitation often combines with stolen credentials.
The organization that can patch quickly and safely will have an advantage over the organization that merely finds issues faster.
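One way to track time from disclosure to production deployment and enforce shorter windows for internet-facing and privilege-changing flaws, as an added example that is not from the article or any source it cites. The window lengths, field names and `EXAMPLE-` identifiers are assumptions and constructed sample data.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

SLA_DAYS = {"internet_facing": 3, "privilege_changing": 7, "default": 30}  # assumed windows, in days

@dataclass
class Finding:
    ident: str                 # placeholder identifier, not a real advisory
    disclosed: date
    deployed: Optional[date]   # None = fix not yet in production
    internet_facing: bool = False
    privilege_changing: bool = False

def sla_days(f: Finding) -> int:
    """Strictest patch window that applies to this finding."""
    windows = [SLA_DAYS["default"]]
    if f.internet_facing:
        windows.append(SLA_DAYS["internet_facing"])
    if f.privilege_changing:
        windows.append(SLA_DAYS["privilege_changing"])
    return min(windows)

def exposure_days(f: Finding, today: date) -> int:
    """Days from disclosure to production deploy; open findings count up to today."""
    return ((f.deployed or today) - f.disclosed).days

def report(findings, today):
    """Return (breaches, median): breaches sorted worst overrun first, upper median of closed findings."""
    breaches = []
    for f in findings:
        overrun = exposure_days(f, today) - sla_days(f)
        if overrun > 0:
            breaches.append((f.ident, overrun, f.deployed is None))
    breaches.sort(key=lambda b: b[1], reverse=True)
    closed = sorted(exposure_days(f, today) for f in findings if f.deployed)
    median = closed[len(closed) // 2] if closed else None
    return breaches, median

# Constructed sample data for illustration only.
TODAY = date(2026, 6, 1)
SAMPLE = [
    Finding("EXAMPLE-001", date(2026, 5, 20), date(2026, 5, 22), internet_facing=True),
    Finding("EXAMPLE-002", date(2026, 5, 10), None, internet_facing=True),
    Finding("EXAMPLE-003", date(2026, 5, 1), date(2026, 5, 12), privilege_changing=True),
    Finding("EXAMPLE-004", date(2026, 4, 20), date(2026, 5, 15)),
]

if __name__ == "__main__":
    print(report(SAMPLE, TODAY))
```

Each breach tuple is (identifier, days past the window, still open), so unpatched internet-facing findings surface first when they have been exposed longest.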
What developers and maintainers should do
Open-source and enterprise developers should assume AI-assisted vulnerability reports will keep rising. Some reports will be real and serious. Others will be noisy, duplicated or low quality.
Useful steps:
- Publish a clear security policy and contact path.
- Add fuzzing and sanitizer coverage for risky input parsers.
- Use dependency scanning and software bills of materials.
- Keep release notes clear so downstream users know whether they are affected.
- Require tests for security fixes.
- Label duplicate and invalid reports consistently.
- Consider funding or triage support for critical open-source maintainers.
The bottleneck is shifting from discovery to validation and remediation. That means maintainer capacity is now part of national cyber resilience.
What everyday users should know
Most users will not interact directly with Mythos-class models. They will feel the impact indirectly through faster software updates, more urgent security advisories and more convincing AI-assisted scams.
Users should:
- Turn on automatic updates for operating systems, browsers and major apps.
- Use passkeys or phishing-resistant MFA where available.
- Avoid unofficial patches or downloads shared through social media.
- Keep backups before major updates.
- Be skeptical of urgent messages asking for codes, payments or software installs.
What to watch next
The next signals to monitor are:
- Whether Anthropic expands Mythos-class access to more customers.
- Whether EU institutions gain preview access or equivalent evaluation rights.
- Whether the U.S. sets formal rules for sharing advanced cyber-capable models with foreign governments.
- Whether CERT-EU, ENISA or national cyber agencies issue new patch-prioritization guidance.
- Whether AI-generated vulnerability reports overwhelm more open-source triage programs.
If allied governments agree on evaluation standards, the result could be a faster defensive ecosystem. If they do not, access and disclosure could fragment by jurisdiction.
FAQ
Is the EU already using Anthropic's Mythos model?
Public reporting says Anthropic had not granted the EU or its AI Office preview access at the time CNBC reported the story. The EU was expanding technical discussions with Anthropic and other model developers.
What is a Mythos-class model?
Anthropic uses the phrase for models with capabilities similar to Claude Mythos Preview, an unreleased frontier model that Anthropic says can find and help exploit software vulnerabilities at an advanced level.
Is the 6- to 12-month window confirmed policy?
No. CNBC reported it as a warning from Anthropic CEO Dario Amodei about the time available to patch tens of thousands of vulnerabilities before Chinese AI catches up. It is a strategic warning, not a binding deadline.
Should companies panic?
No. Companies should act. The right response is asset inventory, faster patching, better vulnerability triage, identity hardening and clear incident response.
Does this mean AI models should be banned?
That is not the policy debate described here. The debate is about controlled access, cyber safeguards, model evaluations and coordinated vulnerability disclosure for the most capable systems.
Bottom line
The EU-U.S. talks are about more than one Anthropic model. Mythos is a preview of a broader shift: AI can find and reason about software vulnerabilities faster than traditional security operations can patch them.
For governments, the challenge is allied coordination before the capability spreads. For companies, the challenge is shrinking the time from confirmed finding to deployed fix. For users, the safest move remains boring but effective: keep software updated and use stronger account security.
Sources
- CNBC on EU-U.S. talks and Mythos concerns: cnbc.com
- CERT-EU on AI vulnerability discovery: cert.europa.eu
- Anthropic Project Glasswing: anthropic.com/glasswing
- Anthropic Project Glasswing initial update: anthropic.com/research
- European Commission on the AI Act: digital-strategy.ec.europa.eu
- CISA Secure by Design: cisa.gov/securebydesign