Indian banks are abandoning the quarterly audit posture they held for two decades. After Anthropic disclosed on April 7, 2026 that an internal frontier model called Claude Mythos Preview had surfaced thousands of zero-day software flaws in weeks, including a 27-year-old hole in OpenBSD and a 17-year-old bug in FreeBSD’s NFS server, the country’s biggest lenders are pivoting to round-the-clock AI security command centres, continuous red-teaming, and a crown-jewel-first defence model.
The shift is not theoretical. Chief information security officers at large private sector banks confirmed that scenario testing, vendor mapping and patch cycles have been rebuilt on rolling timelines since the disclosure. The phrase “compliance checkbox” now draws winces in board meetings.
What changed is not the existence of capable hackers but the speed and breadth of what one model can do. Mythos cracked 73% of expert-level cyber tasks that no AI could complete a year earlier, according to the UK AI Security Institute’s independent evaluation of Mythos Preview’s cyber capabilities, including the first end-to-end solve of a 32-step corporate network attack simulation called The Last Ones.
Why Mumbai Reacted to a Model Named Mythos
Anthropic did not put Mythos on a download page. The company refused public release, citing offensive risk, and instead launched Project Glasswing, a consortium for securing critical software: a closed group of fewer than 50 partner organisations that includes JPMorganChase, AWS, Apple, Cisco, Google, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks.
Indian regulators noticed that no Indian bank or domestic regulator was on the launch partner list. That fact alone sharpened the urgency in Mumbai. The thousands of vulnerabilities Mythos found are largely unpatched, with Anthropic’s April 2026 Claude Mythos Preview disclosure noting that over 99% remained open at the time of publication. The capability gap is not between attackers and defenders in general, but between defenders inside Glasswing and defenders outside it.
https://x.com/AnthropicAI/status/2041578392852517128

Inside the 24×7 AI Command Centre
Banks have moved their security command centres from operational backstops to first-class production environments. The largest private lenders now run round-the-clock AI-enabled SOCs that map every attack attempt by source, system and type, splitting flagged sessions onto alternate routing within seconds rather than minutes.
The volumes drive the redesign. Several lenders have rolled out continuous vulnerability discovery across cloud environments and public APIs, replacing the old quarterly review entirely. A senior risk officer at a private sector bank described scenario building as faster and more complex, forcing banks to layer containment planning underneath their preventive controls.
- 73% of expert-level cyber tasks now solvable by Mythos, against zero a year earlier in AISI testing.
- 99% of the vulnerabilities Mythos surfaced remained unpatched at the time of disclosure.
- 42% of fintech-related breaches now originate with third-party vendors, per industry advisory data.
- 27 years: age of the oldest live OpenBSD bug found by the model.
Scenarios that previously required weeks of human red-team time now compile in hours. Banks have started running them weekly rather than quarterly, with at least three large private lenders setting up dedicated benches whose only job is to run AI-driven attack simulations against the bank’s own production replicas.
The flip side is fatigue. Large banks describe the new posture as always on, and several have hired in batches to crew the new SOC desks. Operations heads admit that staffing the rhythm is now the harder problem, harder than procuring the tooling.
Crown Jewels and the End of Equal Protection
Banks have been forced to admit a hard truth: not every system can be defended at the same level. The new doctrine ranks systems by what their compromise would actually cost the customer and the institution.
“Banks are identifying crown jewel systems, critical databases, payment rails and customer-facing applications, and allocating resources accordingly,” said Abhinav Bansal, managing director and senior partner at the Boston Consulting Group, in remarks to Business Standard. Internal AI usage policies are being rewritten so that development tools and automation platforms cannot themselves create access vulnerabilities.
| Capability | Pre-Mythos posture | Post-Mythos posture |
|---|---|---|
| Vulnerability discovery | Quarterly external VAPT | Continuous AI-led scanning of cloud and APIs |
| Red-team frequency | Annual | Rolling, with AI-driven scenarios |
| Risk prioritisation | Uniform across systems | Crown-jewel-first allocation |
| Patch cycle | Scheduled monthly | Virtual patching, real-time remediation |
| Vendor oversight | Annual review | Embedded telemetry, live monitoring |
Why VAPT Once a Year Stopped Working
Periodic Vulnerability Assessment and Penetration Testing was the keystone of Indian bank cybersecurity through most of the past decade. RBI and CERT-In mandates required structured exercises with reports filed within a month and remediation within three. The model still applies on paper. The numbers underneath it have changed.
Bhavik Hathi, managing director and co-lead of the global transaction advisory group at Alvarez and Marsal, described the problem as a layering question. Bank technology stacks now run core systems alongside UPI rails, underwriting engines and collections software, often across multiple generations of architecture. A weakness in the youngest layer can move sideways into the oldest before any quarterly report flags it.
Chandra Prakash Suryawanshi, also a managing director at Alvarez and Marsal, listed the surfaces banks are scrubbing first.
- Internet-facing applications
- Remote administrative interfaces
- Cloud consoles
- Public APIs
- Staging and test environments
- Misconfigured cloud resources
Suryawanshi argued that the model itself does not change which surfaces matter, only how fast they can be probed.
“Models such as Claude Mythos reduce the effort required to test vulnerabilities, but they do not fundamentally alter the threat landscape. The immediate risk areas remain internet-facing applications, remote admin interfaces, cloud consoles, public APIs, staging and test environments, and misconfigured cloud resources.”
In one ethical hacker engagement reviewed by industry advisers, exposed third-party API keys discovered on a bank’s public website would have allowed billing or configuration changes if found by an outsider first. None of the bank’s quarterly tests had flagged the keys. Cryptographer Bruce Schneier, in his April 2026 commentary on Anthropic’s Mythos Preview and Glasswing, made the same point in starker form: defenders who keep working on annual cycles will simply not be in the same time zone as attackers using comparable models.
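The exposed-key finding above is the kind of check a bank can run continuously against its own public web assets rather than waiting for a quarterly test. The following scanner is an added example written for this article, not code from any bank, adviser or vendor named here. It looks for two things in served content: key shapes with a well-known fixed prefix (the AWS access key ID form is real; the list is illustrative, not exhaustive) and long high-entropy values assigned to names like `api_key` or `secret`. The sample page, every key in it, the `entropy_threshold` value of 4.0 and the helper names are all constructed assumptions for the demonstration.

```python
"""
Added example: scan publicly served web content for API-key-shaped secrets,
the class of exposure the engagement described in the article found.
Every input below is constructed and every key-like string is fake.
"""
import math
import re

# Fixed-prefix key shapes. The AWS access key ID form (AKIA + 16 upper-case
# alphanumerics) is real; treating this dict as complete is NOT an assumption
# you should make, it is just enough to show the mechanism.
KNOWN_PATTERNS = {
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "bearer_token": re.compile(r"Bearer\s+([A-Za-z0-9._\-]{20,})"),
}

# Generic "secret-ish name = long value" assignment in JS, JSON or config text.
ASSIGNMENT = re.compile(
    r"(?i)\b(api[_-]?key|secret|token|password|client[_-]?secret)\b"
    r"\s*[:=]\s*['\"]?([A-Za-z0-9_\-\.]{16,})"
)


def shannon_entropy(s: str) -> float:
    """Bits per character: random base62 text sits near 4.5-5.5, words far lower."""
    if not s:
        return 0.0
    counts = {}
    for ch in s:
        counts[ch] = counts.get(ch, 0) + 1
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def _finding(lineno: int, kind: str, token: str) -> dict:
    # Never write the whole secret into a report: keep just enough to locate
    # and rotate it.
    preview = token[:4] + "..." + token[-4:]
    return {"line": lineno, "kind": kind, "preview": preview}


def scan_text(text: str, entropy_threshold: float = 4.0) -> list:
    """Return findings ({line, kind, preview}) for one fetched page or bundle.

    entropy_threshold (assumed value) separates placeholders such as
    your_api_key_here (~3.3 bits/char) from real random tokens (>4 bits/char).
    """
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, pat in KNOWN_PATTERNS.items():
            for m in pat.finditer(line):
                token = m.group(m.lastindex or 0)
                findings.append(_finding(lineno, kind, token))
        for m in ASSIGNMENT.finditer(line):
            name, value = m.group(1), m.group(2)
            if shannon_entropy(value) >= entropy_threshold:
                findings.append(_finding(lineno, "high_entropy_" + name.lower(), value))
    return findings


# Constructed sample of a bank's public JS bundle; all keys are fake.
SAMPLE_PAGE = """\
<!-- constructed sample; nothing here is a real credential -->
<script>
var api_key = "your_api_key_here";
const config = { apiKey: "Zk8qP3vN2tL9xR4wM7yB6hD1" };
fetch("/api/v1/accounts", { headers: { Authorization: "Bearer tok_9f3b2c7e1a5d4f8e0b6c" } });
// leaked cloud credential left over from staging:
// AWS_ACCESS_KEY_ID=AKIAABCDEFGHIJKLMNOP
</script>
"""


def scan_sample() -> list:
    """Run the scanner over the constructed page; the placeholder on line 3 must not fire."""
    return scan_text(SAMPLE_PAGE)


if __name__ == "__main__":
    for f in scan_sample():
        print(f"line {f['line']:>3}  {f['kind']:<28} {f['preview']}")
```

In production the page text would come from the bank's own crawl of its internet-facing sites and JS bundles, and each finding should feed a rotation ticket for the vendor key rather than a quarterly report; the preview field exists so the report itself never becomes a second copy of the secret.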
Virtual patching, runtime application protection and lateral-movement controls now fill the gap between when a flaw is identified and when its formal fix lands in production. The shift is from “we tested last quarter” to “we are testing right now.”
The Third-Party Trapdoor
Open banking and embedded finance have made the question harder than vendor risk theory ever imagined. As more bank customers reach core banking through fintech apps, the attack surface stretches beyond the bank’s own perimeter into partners, gateways and SDKs.
Indian fintech security data points the same way. Roughly 42% of fintech breaches now originate with third-party vendors, according to SecurityScorecard analysis cited by industry advisers. The 2018 Cosmos Bank case, in which an API exploit moved roughly $13.5 million through fraudulent transfers, remains the canonical Indian example of how third-party weakness becomes principal loss. Several private lenders have responded by rewriting partnership terms to require live security telemetry feeds rather than annual attestations.
What the Regulator Is Pushing Next
RBI’s June 2025 Financial Stability Report formalised what banks were already drifting toward. The document urges domestic lenders to abandon perimeter-only defence and adopt continuous-verification frameworks built around Zero Trust principles. SEBI’s August 2024 Cybersecurity and Cyber Resilience Framework circular for regulated entities, refined by technical clarifications in August 2025, now mandates VAPT after every major release rather than on an annual schedule.
- August 2024: SEBI publishes its Cybersecurity and Cyber Resilience Framework, setting out continuous monitoring expectations.
- June 2025: RBI’s Financial Stability Report flags cyberattack as a systemic financial-stability risk and formally pushes Zero Trust adoption.
- August 2025: SEBI issues technical clarifications to the CSCRF, mandating VAPT after every major release.
- April 7, 2026: Anthropic discloses Claude Mythos Preview and Project Glasswing.
- April 2026: RBI’s Authentication Mechanisms for Digital Payment Transactions Directions take effect, requiring two-factor authentication using at least one dynamic factor for every domestic digital transaction.
CERT-In’s empanelled audit firms are running more dynamic red-team simulations as a result, and several banks have asked to fold AI-led pen-test reporting into their existing CERT-In submission cycles. Boards have begun asking the operational question that compliance once answered: how fast can the bank actually contain a breach?
The reframing is the point. Resilience is no longer measured by whether the audit passed last year. It is measured by how quickly a compromised system can be cordoned off, how fast a fix can be virtually patched, and how many crown-jewel assets keep running while the rest are isolated.
Frequently Asked Questions
What is Claude Mythos and why are Indian banks worried about it?
Claude Mythos Preview is an unreleased Anthropic frontier model disclosed on April 7, 2026. It identifies and exploits software vulnerabilities at a scale and speed previously requiring expert human teams. Indian banks worry that defenders without comparable tools will fall behind, since over 99% of the thousands of zero-days Mythos found were unpatched at disclosure.
Has Mythos been released to the public?
No. Anthropic refused public release on safety grounds and instead launched Project Glasswing, a closed consortium of about 40 critical-software organisations, including JPMorganChase, AWS, Apple, Cisco, Google, the Linux Foundation, Microsoft, NVIDIA and Palo Alto Networks. No Indian bank or domestic regulator is on the named launch partner list.
What does continuous security mean in banking?
Continuous security replaces scheduled audits and quarterly VAPT with always-on vulnerability discovery, real-time anomaly detection across APIs and cloud consoles, and rolling red-team simulations. Banks measure resilience by remediation speed and lateral-movement containment, not by whether last year’s audit passed. AI command centres run the workflow round the clock.
What are crown jewel systems in a bank?
Crown jewel systems are the assets whose compromise would cause the worst customer or systemic harm: customer-facing applications, payment rails such as UPI, core deposit ledgers, and high-value databases. Banks now allocate disproportionate cyber spend to these assets, accepting lower defence intensity on lower-risk systems while ringfencing the most consequential ones.
Does the Reserve Bank of India require Zero Trust now?
RBI’s June 2025 Financial Stability Report pushes regulated entities toward Zero Trust as a foundational principle, alongside Continuous Assessment-Based Red Teaming. From April 2026, RBI also mandates two-factor authentication using at least one dynamic factor (biometric, device-bound token or risk-based signal) for all domestic digital payment transactions.
How are third-party fintech partners affected?
About 42% of fintech-related breaches originate from third-party vendors. As open banking expands, banks are tightening telemetry, API key rotation and embedded monitoring of partner integrations. Cybersecurity expectations for non-bank payment players are rising, and several banks have rewritten partnership terms to require live security feeds rather than annual attestations.
What can a customer do today to reduce exposure?
Customers can enable the dynamic second factor RBI now requires from April 2026, avoid screen-scraping aggregators that store login credentials, monitor account activity in real time through the bank’s app, and report anomalous transactions inside the regulator’s prescribed window of three working days for unauthorised electronic transactions to retain zero-liability protection.
The audit calendar that defined Indian bank cybersecurity for two decades is on its way out. What replaces it is something closer to a heartbeat, a constant AI-assisted check on every interface that touches money. Institutions that get the rhythm right will spend less time celebrating clean audit reports and more time watching their crown jewels survive the next bad day.