The Mythos Stress Test: Can Indian Fintechs, Banks Fend Off AI-Native Cyber Threats?

The emergence of frontier AI models like Anthropic’s Mythos marks a watershed moment for cybersecurity. Unlike traditional tools, Mythos can scan codebases and pinpoint zero‑day vulnerabilities at machine speed, a capability recently demonstrated when it identified flaws in the historically secure OpenBSD operating system. Parallel developments—Google confirming the first AI‑crafted zero‑day exploit and OpenAI launching the Daybreak initiative to harden defensive AI—underscore a rapid escalation in both offensive and defensive AI capabilities across the tech landscape.

In India, regulators are moving swiftly to address this new threat vector. Finance Minister Nirmala Sitharaman summoned senior bank executives, leading to the creation of a high‑level panel chaired by SBI’s CS Shetty. The panel’s mandate includes accelerating threat‑intelligence sharing among banks, the regulator RBI, and CERT‑In, and recommending policy frameworks that embed AI risk assessments into existing cyber‑governance structures. Banks have already elevated cybersecurity to a board‑level priority, with Kotak Mahindra’s CEO highlighting the shift from human‑paced attacks to machine‑paced exploits, prompting investments in AI‑driven monitoring and rapid patching workflows.

Fintechs, however, face a steeper uphill battle. Many operate with lean engineering teams and rely heavily on shared APIs, payment gateways, and open‑source components that lack robust oversight. The interconnected nature of India’s fintech ecosystem means a breach in a smaller player could cascade into larger banking networks. Companies like Paytm, Razorpay, and Pine Labs are proactively engaging Anthropic to test Mythos against their own stacks, seeking to turn a potential vulnerability into a resilience‑building exercise. As AI continues to blur the line between defender and attacker, sustained collaboration between regulators, incumbents, and innovators will be critical to keep India’s digital finance infrastructure one step ahead of AI‑native threats.