Eleven MEPs, led by Leila Chaibi (The Left) and Kim Van Sparrentak (Verts/ALE), have submitted a parliamentary question to the European Commission demanding an urgent cybersecurity strategy to counter the risks posed by Anthropic's advanced AI model Claude Mythos. The MEPs warn that the model's ability to detect and exploit software vulnerabilities could trigger a wave of cyberattacks on the EU's digital infrastructure, affecting businesses, public services, and citizens.
The question, filed on 16 April 2026 under Rule 144, follows Anthropic's announcement on 7 April that it would not release Claude Mythos Preview publicly due to its offensive cyber capabilities. The company also launched Project Glasswing, a private initiative allowing select US entities to remediate vulnerabilities before public disclosure. The MEPs cite the Center for AI Safety, which warns that Claude Mythos holds only a six to twelve-month lead over open-source competitors, leaving the EU exposed to a surge in cyberattacks.
The question contains three concrete asks: first, what cybersecurity strategy the Commission will implement to avert a potential 'cybergeddon'; second, how it will support the development of a sovereign EU capability for advanced vulnerability research; and third, how it intends to adapt the EU legislative framework to AI models with offensive capabilities. The MEPs' policy orientation is clear: they advocate for a proactive, public EU response rather than reliance on private US-led initiatives, and they push for stronger regulatory oversight of advanced AI systems.
The Commission is expected to reply within approximately six weeks. Its answer will signal whether the EU plans to invest in indigenous cyber defence AI, tighten the AI Act's provisions on offensive capabilities, or pursue international coordination. The question reflects a cleavage between EU strategic autonomy and dependence on US technology, as well as between public security and private control over critical cyber tools.