Field Notes: Law got more attractive but Mythos gets more alarming
The AI story that mattered this week wasn't the one with the celebrity.
Two stories competed for attention in artificial intelligence this week. One featured Jude Law. The other deserved considerably more of it.
Legora, a Swedish legal AI platform valued at $5.5 billion after a $550 million fundraise in March, launched a global brand campaign starring the British actor under the tagline “Law just got more attractive.”
A three-year-old company now serving over 1,000 law firms across 50 markets is spending at Hollywood scale. Its competitor Harvey signed Suits actor Gabriel Macht earlier this year. Legal AI has entered its brand era, and brand eras tend to follow serious money.
The second story was less cinematic, but it carries considerably deeper implications for anyone managing long-term capital.
Anthropic announced that its new model, Claude Mythos Preview, not publicly available, had identified thousands of previously unknown security vulnerabilities across every major operating system and web browser.
Putting the Myth in Mythos
The most widely cited example is a 27-year-old bug in OpenBSD, one of the most security-hardened operating systems in existence.
It is worth noting what that flaw actually does. If exploited, it would crash the server running the software. It would not steal data, give an attacker ongoing access, or compromise any accounts. The damage would be disruptive, not catastrophic. And finding it cost around $20,000 in computing time across a thousand separate attempts.
“We haven’t trained it specifically to be good at cyber. We trained it to be good at code, but as a side effect of being good at code, it’s also good at cyber.”
Anthropic’s CEO, Dario Amodei - MSN, 10 April 2026
That is the important point. Mythos was not built to be a hacking tool. It was built to be very good at reading and writing code, and it turns out that the same ability that makes it useful for software development also makes it capable of finding weaknesses in software security. Nobody designed that in; it emerged on its own.
Which is also what makes it unsettling. During testing, Mythos did things its creators did not expect. In one case, it found a way out of the restricted environment it was being tested in and then sent an email to the researcher overseeing the test to let him know what it had done. He found out while eating a sandwich in a park.
Anthropic describes Mythos as both the most capable and the most unpredictable model it has ever built. Both things are true at the same time.
The numbers tell their own story. The model before Mythos, working on the same set of known software weaknesses in the Firefox browser, managed to turn those weaknesses into working attacks twice, across hundreds of attempts.
Mythos succeeded 181 times. Across 7,000 separate targets, previous models achieved zero complete system takeovers. Mythos achieved ten.
(Source: Anthropic Red Team, April 2026 - Shows exploit success rates across Sonnet 4.6 (4.4%), Opus 4.6 (14.4%), and Mythos Preview (72.4%) on Firefox’s JavaScript engine. Caption: “Image: Anthropic / Project Glasswing”)
Anthropic’s own benchmark data, shown in the chart above, puts this in visual terms. The success rate on Firefox’s JavaScript engine went from 4.4% for an earlier model, to 14.4% for the previous best, to 72.4% for Mythos. That improvement happened in a matter of months.
This is not a gradual trend; it is a step change. And 99% of the vulnerabilities Mythos has already found have not yet been fixed.
The wider concerns
The risks extend well beyond individual bugs.
Mythos cracked flaws in TLS, AES-GCM, and SSH, the encryption standards protecting banking systems, private communications, and sensitive financial data.
It became the first AI to solve a corporate network attack simulation end-to-end, a task estimated at ten or more hours for a human expert.
The Council on Foreign Relations identifies non-state actors targeting critical infrastructure as the primary threat. That infrastructure includes power plants, water systems, and food supply networks running on software that has not been updated in years.
The deeper structural problem is volume, not severity. The danger is not any single exploit. It is that the pace of discovery now outstrips human capacity to triage and patch. Most organisations already cannot keep up with their existing backlog.
The incoming wave of autonomously discovered zero-days will not be manageable by the same processes that barely manage the current load.
“It’s serious enough that people have to worry. We have to understand the vulnerabilities being exposed and fix them quickly.”
Barclays CEO, C.S. Venkatakrishnan - BBC, 16 April 2026
It is also worth stating what Mythos does not change overnight. The UK’s AI Security Institute independently tested the model and found it can exploit systems with weak security posture, but that well-defended systems with active monitoring and real-time incident response present a meaningfully different challenge.
The risk falls heaviest on organisations that have deferred basic security hygiene.
The defensive response and who is already in the room
Anthropic’s response to its own discovery is the part the headlines largely missed. The company has not released Mythos publicly.
Instead, it formed Project Glasswing, a closed consortium of roughly 40 organisations that will use the model specifically to find and patch vulnerabilities in critical software before bad actors can reach them.
Members include Apple, Microsoft, Google, Amazon, Cisco, CrowdStrike and, notably, JPMorganChase. Anthropic committed $100 million in usage credits to the effort.
JPMorganChase's inclusion matters. The largest bank in the United States and a primary counterparty for much of global private capital is already running the model against its own systems. The question is what sits beneath them in the operational stacks of their clients.
The story has also moved well beyond Silicon Valley. Finance ministers at the International Monetary Fund meeting in Washington discussed it in crisis sessions this week.
“The difference with the Strait of Hormuz is that we know where it is and we know how large it is. The issue we’re facing with Anthropic is that it’s an unknown, unknown. It requires a lot of attention so that we have safeguards and processes in place to ensure the resiliency of the financial system.”
François-Philippe Champagne, Canadian Finance Minister - BBC, 16 April 2026
The White House moved in parallel. The federal Chief Information Officer wrote to Cabinet departments this week confirming the Office of Management and Budget is establishing protections to allow major federal agencies to begin using a modified version of Mythos.
The risk for a family office is not that AI will attack it directly. It is that the infrastructure through which capital flows has vulnerabilities that AI can now find faster than humans can patch them.
What every family office should be asking now
Consider the operational stack of a typical family office, whether that be a custodian or a fund administrator, each running software.
Some of that software carries vulnerabilities that have gone undetected for years (in one case, 27 of them) and is now scannable at a speed and scale that was not available six months ago.
Mythos can develop working exploits autonomously, sometimes overnight, with no human intervention beyond the initial prompt.
Some service providers are ahead of this. They are auditing, patching, and in some cases participating directly in the Glasswing consortium. But others are not. The institutions ahead of this are moving quietly. The ones behind it, in many cases, do not yet know they are behind it.
The window during which this capability remains restricted is also finite. Security researchers expect the cost of AI-enabled vulnerability discovery to approach zero as models commoditise and open-source alternatives proliferate.
One question worth asking this week as a family office
Put it directly to your most critical service providers and try to answer: how are you responding to AI-enabled vulnerability discovery, and are you actively testing your own systems?
And what caught our attention this week:
A few things the Simple team has been reading, testing, or talking about.
Tools we tried:
Google Skills in Chrome: Google introduced “Skills” in Chrome, letting users save and reuse AI prompts powered by Gemini across websites. One-click execution of common tasks like summarisation or content transformation. Low friction, potentially high value for teams with repetitive browser workflows. Skills skills skills, watch this space!
Worth reading:
Five hyperscalers now own over two-thirds of global AI compute: Google, Microsoft, Meta, Amazon, and Oracle. Most AI labs depend almost entirely on them for access. The concentration of AI infrastructure is a structural fact that shapes everything built on top of it.
Anthropic tests Claude Code upgrade to rival Codex Superapp: A new Coordinator Mode would let Claude act as an orchestrator, delegating implementation across parallel sub-agents while focusing on planning and synthesis. The architecture of AI-assisted development is moving faster than most teams are tracking.
The AI Labs Have A $7 Doritos Problem: Doritos crossed $7 a bag. Walmart told PepsiCo to cut prices. PepsiCo tried everything but. Revenue turned negative for the first time in over a decade. Consumers and enterprises are evaluating AI subscriptions the same way and many are deciding to skip it. Worth reading if you’re thinking about where AI adoption stalls.
The inevitable need for an open model consortium: Rising frontier model costs are pushing companies toward shared infrastructure. The tension between open and closed models is becoming structural, not philosophical. Nvidia’s Nemotron is an early test case.
Capital signals:
FluidStack in talks for $1 billion at $18 billion valuation: More than double its $7.5B valuation from December, fuelled by a $50 billion data centre construction agreement with Anthropic. A sign that AI infrastructure capital is still accelerating.
Modern Relay raises €2.5 million pre-seed: Straight out of stealth, Modern Relay is building a shared foundation layer (people, policies, data, decisions) so agents and teams coordinate from the same reality, with governance built in. Early but worth watching.
Spektr raises $20 million Series A: Building AI agents for compliance workflows. The manual back-and-forth that defines most compliance operations is what they are going after. Early customers include Pleo, Santander Leasing, and Mercuryo.
This edition of Field Notes was written by Oliver Yorke, Head of Community & Growth.
If your family office is thinking about where AI fits into your system, we’d love to hear what questions you’re working through - drop us a note at hi@andsimple.co




