India

Anthropic introduced Claude Mythos last week through Project Glasswing, a restricted program capped at roughly 40 organizations, including Amazon, Apple, Microsoft and JPMorgan Chase.

OpenAI followed on Tuesday (April 14) with GPT-5.4-Cyber, deploying its system to thousands of verified defenders through its Trusted Access for Cyber program. Both models can find and exploit software vulnerabilities at a scale no human team can match. What divides them is a fundamental disagreement about what to do with that power.

A Model Built to Work Without Supervision

Anthropic’s Mythos doesn’t assist security teams. It works independently. Given a target and a prompt asking it to find a vulnerability, the model reads code, forms hypotheses, tests them against a running environment and produces a complete exploit without further human input.

Anthropic confirmed that these capabilities weren’t explicitly trained into the model. They emerged as a downstream consequence of general improvements in code, reasoning and autonomy. The same improvements that make the model more effective at patching vulnerabilities also make it more effective at exploiting them.

Mythos was able to find serious security weaknesses that had been hiding in widely used software for years. Some of these flaws had gone unnoticed for over a decade, despite being reviewed many times by experts and existing tools. What stands out is that the AI model found them on its own after a simple prompt, without any ongoing human help.

VentureBeat noted that Anthropic engineers with no formal security training asked Mythos to find remote code execution vulnerabilities overnight and woke up to a complete working exploit by morning.

On a standardized security test built around real vulnerabilities in Mozilla Firefox, Mythos successfully turned known weaknesses into working exploits 181 times, compared to just two successful attempts by the earlier model. That’s a dramatic leap in its ability to both find and act on software flaws. According to Anthropic, that gap drove Anthropic’s decision to keep the model out of general circulation.

Reuters found that the model’s coding ability has given it a potentially unprecedented capacity to identify vulnerabilities and devise ways to exploit them, with the timeline for finding and fixing flaws collapsing from months to seconds.

PYMNTS reported that Project Glasswing’s partners include cybersecurity firms and infrastructure players, giving them a head start to rewrite insecure legacy code before criminals can act.

Where OpenAI’s Design Differs

GPT-5.4-Cyber is built around a different premise. Rather than autonomous operation, it’s designed to remove the friction that security professionals hit when using standard AI tools.

Axios reported that OpenAI designed the model after some cyber partners said earlier GPT models sometimes refused dual-use security queries outright. The model lets analysts examine compiled software for weaknesses without access to the underlying source code, work that previously required specialized researchers.

It’s a bet on a different theory of control. SiliconAngle noted that OpenAI shifted away from restricting what models can do and toward verifying who gets access to the most sensitive capabilities. The Trusted Access for Cyber program launched in February alongside a $10 million cybersecurity grant program and now carries tiered verification levels, with higher tiers unlocking more capable tools.

The Hacker News detailed that OpenAI expanded access to thousands of authenticated individual defenders and hundreds of teams responsible for securing critical software. Its Codex Security product contributed to fixes on more than 3,000 critical and high-severity vulnerabilities since launch.

AI Arms Race

The two positions reflect a strategic disagreement. Anthropic concluded Mythos was too capable to distribute widely, regardless of who was asking. OpenAI concluded that wider access to properly verified defenders produces better outcomes than scarcity.

Financial institutions face a real test. Reuters found that banks are particularly exposed because they run technology stacks spanning both new and decades-old systems, house undiscovered vulnerabilities and are closely interconnected.

Costin Raiu, co-founder of cybersecurity firm TLPBLACK, told Reuters that a model like Mythos would have “a field day” finding exploits in certain IBM systems, pointing to legacy technologies powering the financial industry as a prime example.

For all PYMNTS AI and digital transformation coverage, subscribe to the daily AI and Digital Transformation Newsletters.

David’s Bridal just made it possible to find, fall in love with, and buy a wedding dress without ever opening a browser tab. Here’s why that changes everything, and not just for brides.

Somewhere right now, a bride-to-be just got engaged. And within about 48 hours, she’s going to open up ChatGPT or Microsoft Copilot and start asking questions. Not about dresses. Not yet. About venues. Photographers. How much a wedding actually costs. What questions she should even be asking.

David’s Bridal has decided to meet her there.

The company, best known for being the place millions of brides have said yes to the dress, has just launched full end-to-end shopping directly inside ChatGPT and Microsoft Copilot. We’re not talking about a chatbot that tells you to “visit our website.” We’re talking about real product cards, real-time inventory, and a buy button that lets you complete a purchase without ever leaving the conversation.

“This is not an experiment on our side at all. It’s where the demand is moving,” Scott Saeger, CTO of David’s Bridal, told Karen Webster in a recent interview.

That’s a significant statement, and a significant move. But to understand why it matters, you have to understand where brides are actually spending their time today.

The Wedding Tab Has Moved

The modern bride doesn’t plan a wedding on a single website. She’s managing a sprawling, 300-decision project that stretches from the moment of engagement to the last dance at the reception, covering venue, catering, florals, attire, photography, travel, and everything in between.

And increasingly, she’s using artificial intelligence to help her think through all of it. Not as a search engine replacement, but as a thought partner. “What should I be asking a caterer?” “How far in advance do I book a photographer?” “What’s a realistic floral budget for 120 guests?”

These are the conversations happening inside ChatGPT and Copilot right now. David’s Bridal is now part of those conversations, which means a bride thinking about her wedding vision can go from “I want something romantic and garden-inspired” to seeing actual gowns that match that description, to purchasing one, without a single redirect.

“The next generation of brides, they’re not going to open up a web browser and type in a URL,” Saeger said. “They’re going to open up a conversation, describe what they want.”

The Tech Behind the Yes

This didn’t happen by accident. David’s Bridal has spent years rebuilding its infrastructure around what Saeger calls “aisle to algorithm,” a deliberate transformation from traditional retailer to what he describes as a tech-driven marketplace and media company.

The engine powering it is a proprietary platform called Pearl, built specifically to make David’s Bridal’s product data AI-ready. Because here’s the thing about AI commerce that most retailers haven’t figured out yet: You can’t just point an AI at your existing website and hope for the best.

“There’s this perception that you can just point AI at your data and it’ll figure everything out. And that’s just not the case.” Saeger said.

For AI to surface the right dress at the right moment in a conversation, every product attribute, silhouette, fabric, neckline, price, availability, needs to be structured, tagged, and connected in ways AI systems can actually consume and recommend. That’s the foundational work that makes the magic possible.

The payoff? Saeger calls it “transactional AI”: not a customer service bot answering FAQs, but a real commerce experience embedded inside a natural conversation. Inside Copilot, there’s now a live buy button. A bride can describe what she’s looking for, browse real options, and complete a purchase, all within the same chat thread.

What This Signals for Retail

Beyond bridal, the David’s Bridal move is an early proof point for what AI-native commerce could look like across retail. For years, the challenge of online shopping has been friction, the gap between wanting something and finding, deciding on, and buying it. AI interfaces promise to compress that entire journey into a single intent-driven thread.

Fifty-eight percent of AI platform users say they would prefer to shop inside AI environments. The behavior is already shifting. The question for retailers isn’t whether to show up in these platforms. The real question is whether their data is good enough to show up well.

For David’s Bridal, the “one-click wedding” isn’t a futuristic tagline. The infrastructure is built. The integrations are live. The brides are already there.

“When people ask me when we’ll be there, we’re already there.” Saeger said.

Instead, the contest is between open and closed systems, he said, Bloomberg News reported Wednesday (Feb. 18).

“Betting on open source is something Europe is doing actively and heavily,” he said during an interview at the AI Impact Summit in India, per the report.

Open-source technology is a “safer bet” for India and other countries that wish to build AI on local infrastructure, he said, according to the report. Open models can include cultural nuances, like the hundreds of languages spoken in India, and are easier to deploy on local infrastructure.

Mistral is viewed as Europe’s best option for competing with large AI companies in the United States, the report said. The company has championed its “open weight” AI models as a differentiator.

AI models from companies such as Google, OpenAI and Anthropic are closed-source, meaning the underlying code isn’t publicly available.

Mensch told the Financial Times (FT) last week that Mistral’s annualized revenue run rate, a figure based on the previous month’s sales multiplied by 12, was “north of $400 million,” compared to $20 million a year ago.

Easy access to debt financing means Mistral won’t need to go public this year, a path OpenAI and Anthropic are taking, he said.

“This is definitely something we have in mind for the next few years,” he said, to “guarantee our independence down the line.”

The desire for independence is something felt by companies and governments throughout Europe due to worries about U.S. foreign policy, the FT report said.

Meanwhile, AI is changing the way companies handle billing for software-as-a-service (SaaS) products.

“For the better part of two decades, enterprise software ran on a deceptively simple economic engine: the seat,” PYMNTS reported Wednesday, meaning that companies would buy a certain number of licenses or subscriptions.

But with AI, software spending is tied to how intensely models are exercised, not who uses the tool, leading to “a cost model that behaves less like a subscription and more like a commodities market,” the report said.

For all PYMNTS AI coverage, subscribe to the daily AI Newsletter.

With the company’s new office in Bengaluru, announced Monday (Feb. 16) and partnerships with the likes of Air India, the maker of the Claude chatbot is hoping to boost AI usage in the world’s most populous country.

“India is the second-largest market for Claude, home to a developer community doing some of the most technically intense AI work we see anywhere,” Anthropic said in a news release. “Nearly half of Claude usage in India comprises computer and mathematical tasks: building applications, modernizing systems and shipping production software.”

Among the company’s new partnerships is a collaboration with Air India, which is employing Claude Code to help developers ship custom software faster and at reduced cost as it tries to increase agentic AI usage.

Meanwhile, online payments platform Razorpay has integrated AI into risk systems, decision-making processes, and operations throughout the company. Emergent, an AI-powered platform built solely using Claude that allows users to build software by describing what they want in plain language, achieved $25 million in annual recurring revenue and two million users in under five months, Anthropic said in the release.

“India represents one of the world’s most promising opportunities to bring the benefits of responsible AI to vastly more people and enterprises,” said Irina Ghose, managing director of India for Anthropic, said in a statement. “Already, it’s home to extraordinary technical talent, digital infrastructure at scale, and a proven track record of using technology to improve people’s lives. That’s exactly the foundation you need to make sure this technology reaches the people who can benefit from it most.”

At the same time, India presented a challenge to Anthropic: while more than a billion people there speak upwards of a dozen officially recognized languages, AI models to perform better in English than in other languages.

To that end, Anthropic has launched an effort to close this gap by cultivating training data using 10 of the most widely spoken languages in India, leading to improvements in its models.

As covered here last month, India has emerged as the most aggressive adopter of agentic AI, with nearly half of organizations pointing to it as a chief strategic focus and roughly half of all executives expecting AI to generate over 15% revenue uplift in the next five years.

“India’s adoption is even more extreme compared with the rest of the world,” said Anthropic Co-founder and CEO Dario Amodei, per a report Monday by Bloomberg news. “We can do experiments with hundreds of millions of people.”