SEBI Names Claude Mythos, Sets Up cyber-suraksha.ai Task Force

India’s markets regulator named a specific frontier AI model in a regulatory circular on May 5, 2026, a first for the country. The Securities and Exchange Board of India called out Anthropic’s Claude Mythos by name, ordered every regulated entity from clearing corporations to merchant bankers to overhaul their cyber defences, and stood up a fresh task force called cyber-suraksha.ai to coordinate the response.

The advisory lands at an awkward moment for the industry. Mythos Preview is currently locked behind defender-only access through Anthropic’s Project Glasswing coalition, yet SEBI is already treating its capability profile as the new floor for adversary modelling. The regulator told brokers, depositories, asset managers and credit-rating agencies to assume that what one AI lab built, another can replicate.

What SEBI Actually Ordered On May 5

SEBI’s circular flags AI-driven vulnerability identification tools, citing Mythos as the example, as a category that introduces “new dimensions of risks for regulated entities.” The language is unusually direct for a financial regulator. The advisory says these tools “may give rise to heightened risk exposure by enabling identification and potential exploitation of existing vulnerabilities using speed and scale.”

The reach is wide. The order covers stock brokers, mutual funds, alternative investment funds, portfolio managers, custodians, KYC registration agencies, research analysts, depositories, and stock exchanges, every class of entity supervised under the SEBI Cybersecurity and Cyber Resilience Framework (CSCRF) circular of August 2024. The new advisory layers on top of that framework rather than replacing it.

SEBI Chairman Tuhin Kanta Pandey had previewed the move on May 4, telling reporters the regulator would issue an “initial advisory” because technology risks “cannot be viewed in isolation at the entity level” in an interconnected market. The circular followed within twenty-four hours.

The Tool Behind The Warning

Claude Mythos Preview is the unreleased frontier model Anthropic disclosed on April 14, 2026. The company’s own Anthropic red team disclosure on Mythos Preview’s offensive capabilities says the model has already surfaced thousands of high-severity zero-day vulnerabilities across every major operating system and every major web browser.

In one demonstration, Mythos Preview chained four separate vulnerabilities into a single browser exploit. It wrote a JIT heap spray that escaped both the renderer sandbox and the operating system sandbox. It then chained a local privilege escalation on Linux by exploiting subtle race conditions and KASLR bypasses on its own.

The independent benchmarks tell the same story. The UK government’s AI Security Institute evaluation of Mythos Preview’s cyber capabilities, published April 14, found the model passes 73% of expert-level offensive tasks that no model could complete a year earlier. It became the first AI to fully solve The Last Ones, a 32-step corporate network attack range AISI estimates would take human red teams roughly twenty hours, doing it three times across ten attempts.

Anthropic has not made Mythos public. Access flows through Anthropic’s Project Glasswing coalition page, which lists Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, Nvidia and Palo Alto Networks as launch partners, plus around forty additional organisations that build or maintain critical software.

None of those forty are Indian market intermediaries. That gap is the point of SEBI’s circular.

Inside cyber-suraksha.ai

The task force draws representatives from market infrastructure institutions, qualified registrars and transfer agents, qualified regulated entities, and other stakeholders. The coordinating address is project-cyber-suraksha.ai@sebi.gov.in. Its mandate is to study AI-led cyber risks and write a uniform mitigation playbook every regulated entity can plug into.

SEBI has asked the group to push four work streams in parallel:

• Threat intelligence sharing across MIIs, QRTAs and REs, with priority reporting on cyber incidents, attack vectors and newly discovered vulnerabilities.
• Vulnerability management playbooks built specifically around AI-driven exploitation patterns rather than legacy threat models.
• Third-party vendor reviews, including audits of empanelled application service providers used by exchanges and depositories.
• Response coordination drills built around AI-driven scenarios, not just the conventional ransomware tabletop exercise.

The Patch-And-Lock Order

The operational instructions in the advisory read like a blunt to-do list. Update operating systems and applications immediately. Where vendor patches are not available, use virtual patching as an interim shield. Run vulnerability assessments using both conventional scanners and AI-based tools, and run them more often.

SEBI also pushed harder on perimeter and identity hygiene. Entities have been told to tighten API security with strong authentication, rate limiting and whitelist-based access. They have been told to maintain an updated asset inventory, harden every system, and adopt Zero Trust Network designs to shrink the attack surface. Continuous monitoring through a Security Operations Centre is no longer treated as best practice. It’s the floor.

The numbers explain the urgency:

• 2.72 billion cyberattacks absorbed by India’s banking sector in the past year, per industry application-security telemetry cited in CERT-In’s April advisory.
• 73% expert-task pass rate for Mythos Preview, the highest ever recorded by AISI for an offensive cyber benchmark.
• 32 steps in the corporate attack range Mythos completed end to end without human help.
• 4 chained vulnerabilities stitched into a single autonomous browser exploit during Anthropic’s internal red-team runs.

Pandey has framed the response as preparedness rather than restriction. “In an interconnected securities market, a single weak link can create wider risks,” he said in his May 4 briefing, telling regulated entities the focus is on faster remediation rather than reactive enforcement.

Why M-SOC Suddenly Matters

The advisory leans hard on the Market Security Operations Centre, the joint platform built by the National Stock Exchange of India and BSE Limited. SEBI calls it a “centralized security platform” delivering 24×7 real-time monitoring and threat detection, and has told eligible entities that have not yet onboarded with M-SOC to do so quickly.

That nudge is significant because most smaller intermediaries, the broker with twelve branches, the regional registrar, the boutique research analyst, do not run a 24×7 SOC of their own. The CSCRF framework was already pushing them toward shared infrastructure. The Mythos advisory turns that push into a deadline conversation.

A Wider Pattern Forming Around Frontier AI

SEBI is not acting alone. The Indian Computer Emergency Response Team published its own high-severity warning on frontier AI agents in late April, telling Indian organisations and MSMEs that “frontier agentic” models can plan, execute and complete multi-step attacks faster than human analysts can triage them. The full text is on the CERT-In national agency portal for cyber incident response.

Cryptographer Bruce Schneier has been blunt about what changes when models like Mythos exist outside the lab. “Every defender now has access to the same scanning tool the attackers will eventually have, and the gap between those two timelines is the only thing that matters,” he wrote in Schneier on Security’s analysis of Mythos Preview and Project Glasswing, published April 24.

Mythos Preview is capable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browser when directed by a user to do so.

That line, taken straight from Anthropic’s own disclosure, is the single sentence circulating among CISOs at Indian brokerages this week. SEBI’s circular is the regulator’s reaction to it. The benchmark race tightened further when OpenAI’s GPT-5.5 was tested by AISI, a story we covered in detail in our analysis of GPT-5.5 reaching cyber parity with Mythos Preview on AISI’s hardest suite.

The strategic question for regulated entities is no longer whether AI-led offensive tools are real. It’s how quickly the defender side of that asymmetry can be built into day-to-day operations. SEBI has answered: now.

Frequently Asked Questions

Does The SEBI Advisory Apply To Retail Investors Or Only To Regulated Entities?

The advisory is addressed to regulated entities, not retail clients. That covers your broker, your depository participant, your mutual fund house, your registrar, and the exchanges themselves. As a retail investor, you don’t have to file anything. But your broker now has a deadline-style obligation to patch faster, monitor harder, and onboard with the Market SOC if eligible. Expect to see updated KYC and login flows over the coming months.

How Do I Check If My Broker Is Onboarded To The Market SOC?

Ask in writing. Email your broker’s compliance officer or use the grievance form on their website and request confirmation of M-SOC onboarding status under the SEBI advisory dated May 5, 2026. Brokers must respond. You can also check the SEBI complaints portal at scores.sebi.gov.in if you don’t get a clear answer within fifteen working days. Confirmation should reference the CSCRF framework explicitly.

Can I Still Use AI Tools For My Own Trading Or Portfolio Research?

Yes. SEBI’s advisory targets AI-driven vulnerability detection and exploitation tools used against market infrastructure, not consumer AI chat tools used for research. Using ChatGPT, Claude or Gemini to summarise an annual report or screen stocks is unaffected. Just remember that none of those tools is a registered investment adviser, and feeding them confidential trading credentials or PAN-linked data carries its own privacy risk independent of this advisory.

What Happens If A Regulated Entity Ignores The May 5 Circular?

SEBI advisories carry the same enforcement weight as a directive under the SEBI Act for regulated entities. Non-compliance can trigger inspections, monetary penalties, and in serious cases suspension of registration. The CSCRF framework already has graded penalty structures, and the cyber-suraksha.ai task force is expected to feed enforcement signals into SEBI’s supervisory cycle. Inspections starting later this year will likely include AI-readiness as a checkpoint.

Is Claude Mythos Available For Anyone To Download Or Use?

No. Mythos Preview is not a public Anthropic product. Access is granted only through Project Glasswing, a defender-side coalition that includes AWS, Apple, Cisco, CrowdStrike, Google, JPMorgan Chase, Microsoft, Nvidia, Palo Alto Networks, the Linux Foundation, and roughly forty additional organisations vetted by Anthropic. Indian market intermediaries are not on that list today. That asymmetry is exactly what SEBI’s advisory is trying to plan around.

The Mythos circular is the most specific frontier-AI warning any major financial regulator has issued so far this year, and it sets a template other Indian regulators are likely to follow. The Reserve Bank of India and the Insurance Regulatory and Development Authority have both been watching cyber-suraksha.ai’s formation closely. What SEBI does next, particularly the first set of enforcement actions tied to the advisory, will tell the rest of Indian finance how seriously to take frontier-model risk.