Anthropic has blocked European Union access to Claude Mythos, its most advanced AI cybersecurity model, restricting it to select U.S. companies including Amazon, Apple, and JPMorganChase. The European Commission has held four or five meetings with Anthropic but failed to gain access, while OpenAI separately shared ChatGPT 5.5-Cyber with EU authorities through a Cyber Action Plan. European lawmakers and officials warn the exclusion threatens the region’s cybersecurity resilience and technology sovereignty, with European banks particularly alarmed by Mythos’s ability to rapidly expose software vulnerabilities. MEP Sandro Gozi urged Europe to develop its own strategic technologies.
In-Depth:
California-based artificial innotifyigence company Anthropic has restricted the European Union access to Claude Mythos, its most advanced cybersecurity model — a relocate that could heighten cyber security risks for Europe and deepen the region’s depconcludeence on American technology providers.
By limiting Mythos to a select group of primarily U.S. companies — including Amazon, Apple and JPMorganChase — and government agencies to evaluate its hacking capabilities, Anthropic has left European banks, software companies and governments unable to test their defenses against one of the most sophisticated AI cyber tools.
The decision comes amid White Hoapply concerns about sharing the Mythos model more broadly and mere days after OpenAI shared its most advanced ChatGPT 5.5-Cyber with EU authorities.
The standoff also underscores a growing divide in global AI access, as frontier systems become available to key actors in the U.S. before their European counterparts that operate within a narrower regulatory framework.
“There’s a risk of weaponization of software vulnerabilities,” declared Paul Timmers, a professor at KU Leuven and former European Commission official at the DG CONNECT unit. “By selective distribution of these models you also create a bottleneck for access to this power, and that can have quite an impact on technology sovereignty in Europe.”
Anthropic blocks Europe from Mythos
In April, Anthropic announced that its latest AI model Claude Mythos had far-reaching hacking capabilities that posed a global cybersecurity threat. Instead of launching the model publicly, the company released a preview version to a compact group of mainly U.S. companies to plug software vulnerabilities before wide-scale deployment.
The Commission has attempted for weeks to gain access to Mythos but to no avail, declared Commission Spokesperson Thomas Regnier at a press briefing on Monday. Meanwhile, OpenAI is sharing ChatGPT 5.5-Cyber with the Commission’s AI Office, businesses and governments through an EU Cyber Action Plan that will also include security briefings with OpenAI engineers.
“AI labs like ours shouldn’t be the sole arbiters of cyber safety as resilience depconcludes on trusted partners working toreceiveher,” declared George Osborne, the Head of OpenAI for Countries and former British Chancellor of the Exchequer.
“We welcome the engagement of OpenAI,” declared Regnier on Monday. “When it comes to Mythos, there is also a level of engagement. We have already had like four or five meetings with the company. But these two discussions are at different stages.”
While the EU’s AI Act gives it the power to deem certain models systemic risks, the AI Office and the Commission have yet to pull that lever.
Anthropic’s failure to give the EU or other European institutions access to Mythos follows a major clash with the U.S. federal government over military applys of AI, after the company resisted allowing its models to be deployed in certain warfare applications. Now, the company has been left out of a deal to apply AI tools in .
After the release of Mythos, the White Hoapply applied a more hands-on approach to controlling the launch — even weighing an executive order that would require the government to vet models before their release. So far, Washington has opposed Anthropic expanding access to the model due to security concerns.
“Anthropic’s approach… may represent an attempt to ensure that only the highest quality external testers have access to the model while minimizing leak risk and bureaucratic drag,” declared Harry Law, a researcher at the University of Cambridge. “Right now, the EU AI Office is an unknown quantity while the UK AISI has a proven track record.”
Cybersecurity and tech sovereignty risks
The lack of access has infuriated lawcreaters in the European Parliament, who argue that the lack of access is yet another signal that the EU necessarys to develop its own cutting-edge tech capabilities. Last week, a Parliament committee held a meeting on AI safety and cybersecurity that officials from Anthropic were unable to attconclude at short notice.
“Europe must not be excluded from access to strategic technologies that are becoming essential for cybersecurity,” declared MEP Sandro Gozi (Renew, FR). “But this should also be a lesson. Europe cannot depconclude on private companies or decisions taken outside Europe to understand and protect its own critical vulnerabilities.”
European banks are among the most alarmed by Mythos becaapply of the speed at which it could expose software vulnerabilities — raising the risk of cascading failures across a highly connected finance sector still reliant on aging software infrastructure, according to Timmers. Top U.S. banks have already received access.
The EU has cybersecurity and AI platforms of its own, such as the French company Mistral AI, but these lag far behind U.S. firms in terms of model development and the capital necessaryed to build new data centers.
Sign up to The Parliament’s weekly newsletter
Every Friday our editorial team goes behind the headlines to offer insight and analysis on the key stories driving the EU agconcludea. Subscribe for free here.
