Anthropic’s Project Glasswing released the super-hacking tool Mythos to a limited group of trusted companies, with the stated aim of finding and fixing vulnerabilities before they could be exploited at scale.

Europe was kept out of the room. It received no institutional access, no hands-on briefing. This exclusion represents a rational choice, stemming from a decade of misguided European regulation, a lack of European artificial intelligence expertise, and Washington’s lack of trust in its allies.

Under the EU’s AI Act, obligations for AI models are triggered when models are placed on the European market. A model with verified autonomous hacking capabilities, such as Mythos, would raise systemic-risk questions and expose its provider to strict EU-level scrutiny, requiring technical documentation, risk assessment, adversarial testing, and cooperation with the new AI Office. Infringements risk fines of up to €15 million or 3% of global annual turnover, whichever is higher.

By keeping Mythos inside a closed research preview, Anthropic may avoid creating the legal conditions that would bring the model under the AI Act’s scope. Yet Anthropic did not exclude Europe just because of the fear of fines. 

It also excluded Europe because Washington no longer 100% trusts its European allies. The feeling, increasingly, is mutual. Until now, AI governance debates have focused on safety and transparency. Washington is now moving toward strategic advantage, pre-release access, and national security control.

That is understandable. A model that can autonomously discover exploitable vulnerabilities is not an ordinary digital product. It sits close to sensitive technology like advanced semiconductors. Companies can point to EU regulatory risk as a reason to restrict access. Washington can point to national security as a reason to keep access restricted. The result is a circular shield, and Europe is left outside of it.

The United Kingdom’s position is different. The UK AI Safety Institute was designed as an operational testing body, not only as a regulatory coordinator. It has built a model-evaluation function, secure testing processes, and a close bilateral relationship with the US. In 2024, the UK and US signed an agreement to cooperate on tests for advanced AI models, including shared evaluation methods and personnel exchanges.

Europe has no equivalent body. It has legal authority but lacks the trusted operational infrastructure to evaluate sensitive frontier models under conditions acceptable to companies and security agencies. That distinction is now decisive.

Ukraine’s experience illustrates the threat. Russian cyber operations have increasingly shifted from visible disruption toward silent intelligence collection — mapping systems, gathering access, and waiting for the moment of maximum impact. AI accelerates this process. If vulnerability discovery moves to machine speed, the window between discovery and exploitation collapses from months to weeks, days, or even hours.

This is why access to defensive intelligence matters. If European institutions do not know which vulnerabilities are being discovered, cataloged, or prioritized by frontier AI systems, they cannot help European operators close the gap. The problem is not abstract dependency. It is the operational delay.

The EU’s likely instinct will be to adjust deadlines, simplify rules, or delay enforcement of its onerous AI regulation. Some of that may be useful. But delaying a potential fine does not build a secure testing lab. A grace period will not patch a browser. Legal flexibility matters only if it buys time to build capability.

Europe needs a secure, capable AI evaluation facility, able to test frontier models under controlled conditions and protect sensitive findings. It needs a classified or restricted testing pathway within the AI Act, allowing models with strategic cyber capabilities to be evaluated without triggering broad public disclosure obligations. And it needs trusted arrangements with the US, the UK, Ukraine, and other selected democratic partners.

This does not mean abandoning regulation. It means making regulation usable in the world that now exists, in which frontier AI systems are no longer merely consumer tools, but capabilities that can shift the balance between cyber defense and offense.

By keeping Mythos out of Europe, Anthropic may not have made a mistake but a rational calculation within the architecture Europe built.

The question now is whether Europe will learn from that calculation. Sovereignty in a globally connected world is not autonomy, but freedom of choice, backed by capability. Right now, Europe risks regulating the room without having a seat and the capabilities.

Ieva Ilves advises Ukraine’s Ministry of Digital Transformation and WithSecure, a Finnish cybersecurity company. She has a master’s from Johns Hopkins University SAIS.

Bandwidth is CEPA’s online journal dedicated to advancing transatlantic cooperation on tech policy. All opinions expressed on Bandwidth are those of the author alone and may not represent those of the institutions they represent or the Center for European Policy Analysis. CEPA maintains a strict intellectual independence policy across all its projects and publications.
