Jamie Dimon: Anthropic’s Mythos AI Is Like Giving People Ballistic Missiles
JPMorgan CEO Jamie Dimon warned that Anthropic's Mythos AI model poses serious cybersecurity risks, comparing it to handing ballistic missiles to individuals.

JPMorgan Chase CEO Jamie Dimon publicly warned about Anthropic's Mythos AI model at Senator Dave McCormick's Pennsylvania Defense and Innovation Summit on Wednesday. Speaking on its cybersecurity implications, Dimon said handing such a powerful tool to individuals is like giving them ballistic missiles. His remarks follow a US government order in June to restrict access to Claude Mythos 5 and Claude Fable 5 for foreign nationals, a restriction Anthropic later lifted after introducing additional safeguards.
What happened
| Detail | Fact |
|---|---|
| Event | Pennsylvania Defense and Innovation Summit |
| Who spoke | Jamie Dimon, CEO of JPMorgan Chase |
| Mythos launch date | April 2025, limited release |
| US restriction order | June 2025, foreign nationals barred from Claude Fable 5 and Claude Mythos 5 |
| Outcome | Anthropic suspended global access, then restored it after adding safeguards |
Dimon told attendees that risks tied to Anthropic’s Mythos model are “a real issue” and should not be dismissed. His exact words, reported by Reuters: “you’re giving ballistic missiles to individuals with Mythos.” He noted the US government is already treating the matter seriously and stressed that access to high-powered AI systems needs careful controls.
Anthropic introduced Mythos in April to a small group of users that included JPMorgan Chase. The model is built specifically to spot cybersecurity weaknesses, helping security teams find software vulnerabilities faster than human analysts can. The appeal to banks is straightforward: fix the hole before a hacker finds it.
Why did the US government restrict Mythos access?
In June, the US government directed Anthropic to cut off foreign nationals from Claude Fable 5 and Claude Mythos 5, citing national security. Anthropic responded by suspending global access to both models. The company later restored access after putting additional safeguards in place to satisfy the government’s concerns.
For financial institutions, the same capability that makes Mythos attractive as a defense tool is also what makes it dangerous. A model that can find hidden software flaws at speed is enormously useful for a bank’s security team. In the wrong hands, it becomes an automated attack resource targeting the same institutions.
What is the White House doing about AI cybersecurity?
The Trump administration is building a new cybersecurity partnership that brings AI developers together with operators of critical infrastructure: hospitals, banks, and power grids. The goal is to create a channel for sharing information about software vulnerabilities that advanced AI discovers, so organisations can patch them before they are exploited.
This kind of public-private coordination is a direct response to the dual-use nature of vulnerability-finding AI. The same scan that protects a hospital’s patient records could, if misused, map out exactly where to attack it. That tension is what Dimon was pointing at, and it is not going away as these models get more capable.
Our take
Dimon’s ballistic missile framing is dramatic, but the underlying concern is legitimate. Vulnerability-finding AI compresses the time between discovery and exploitation. A human security researcher might take days or weeks to trace a flaw; a model like Mythos reportedly closes that gap substantially. That asymmetry matters most for organisations with limited security staff, which is most businesses.
The US government’s move to restrict foreign access, then walk it back after Anthropic added safeguards, also shows how fast this policy space is moving. There is no stable rulebook yet. Businesses that rely on AI-powered security tools or handle sensitive data should watch how access controls evolve over the next few months, because the rules around who can use what are still being written in real time.
If you are integrating AI into your operations and have questions about what that means for your own exposure, our AI integration services include a look at what you are connecting and what risks that creates. For broader context on how AI governance is shaping enterprise deployments, see our earlier coverage on enterprise AI agents and the gap between hype and real deployment.
What to do about it
- Audit which AI tools your security team currently uses and confirm they come from vendors with documented access controls.
- Check whether any AI-powered vulnerability scanners in your stack have had their terms of service or access policies updated since June 2025.
- Follow Anthropic’s policy updates if you use any Claude-family models, particularly around geographic or user-type restrictions.
- Watch for guidance from the White House cybersecurity partnership, especially if your business operates in healthcare, finance, or energy.
The practical takeaway: vulnerability-finding AI is a double-edged tool, and who has access to it matters as much as the technology itself.
Frequently asked questions
What is Anthropic Mythos AI?
Mythos is an AI model from Anthropic launched in April 2025 to a limited group of users including JPMorgan Chase. It is designed to identify software vulnerabilities and cybersecurity weaknesses faster than human analysts.
Why did the US government restrict access to Claude Mythos 5?
In June 2025, the US government ordered Anthropic to limit access to Claude Fable 5 and Claude Mythos 5 for foreign nationals due to national security concerns. Anthropic suspended global access and later restored it after introducing additional safeguards.
What did Jamie Dimon say about Anthropic's Mythos?
Speaking at the Pennsylvania Defense and Innovation Summit, Dimon said that giving people access to Mythos is like giving them ballistic missiles, and called the associated risks 'a real issue' that should not be ignored.
What is the White House AI cybersecurity partnership?
The Trump administration is creating a partnership between leading AI developers and operators of critical infrastructure such as hospitals, banks, and power grids. It is intended to help organisations share information about software vulnerabilities that advanced AI systems discover.


