GM. This is Milk Road AI, the only newsletter that turns AI breakthroughs into what they actually mean for your money.
Here’s what we’ve got for you today:
- ✍️ The most dangerous AI was never released.
- 🎙️ The Milk Road AI Show: Vibe Coding and Software Death: Is Your Portfolio at Risk? w/ Amit.
- 🍪 Amazon makes a space power play.
Nexo is back in the U.S. - and new clients get 30 days of Wealth Club Premier perks! Higher yields, lower borrowing rates, and crypto cashback - start here.
Prices as of 10:00 a.m. ET.
ANTHROPIC'S OPPENHEIMER MOMENT
After the first atomic bomb test in July 1945, Oppenheimer witnessed the mushroom cloud rise over the New Mexico desert.
Years later, reflecting on that moment, he recited a line from the Bhagavad Gita: 'Now I am become Death, the destroyer of worlds.'
He said it with the dread of someone who understood what he had built and knew there was no undoing it.
The atomic age didn't begin with a war but rather with a test in the desert, one witnessed by hundreds of scientists and soldiers who had spent years building the very thing they now watched detonate.
Anthropic just had their Oppenheimer moment, but with one difference: they didn't choose it.
A configuration error in their content management system inadvertently exposed nearly 3,000 unpublished internal documents tied to a secret model called Claude Mythos.
Draft blogs, internal PDFs, and promo materials, all left exposed online like the lab door was never locked.
Within hours, the industry had read everything, and within days, the Treasury Secretary, Fed Chair, and top bank CEOs were in the same room having a conversation no one planned for.
The “responsible” AI built the most dangerous model.
Let's back up, because the setup matters.
You probably know Anthropic as the careful one.
Founded in 2021 by Dario and Daniela Amodei and a group of ex-OpenAI researchers who left because they thought the industry was sprinting toward something it didn't fully understand.
Their entire identity was built around one premise: we build AI responsibly, and the enterprises terrified of rogue models will pay a premium for that peace of mind, and it worked spectacularly.
By early 2026, Anthropic’s revenue run rate had surged to ~$30B, growing rapidly with 8 of the Fortune 10 as customers, and it raised $30B at a ~$380B valuation, making it one of the most valuable private tech companies behind SpaceX and OpenAI.
A company most people couldn't have named 18 months ago is now worth more than Goldman Sachs, Ford, and Disney. Combined, but sure, AI is just hype.
And here’s the number that should terrify Sam Altman personally:
Businesses choosing an AI platform for the first time now pick Anthropic 70% of the time.
They were dominating the enterprise, customers, and narrative, then they left the lab door open.
Anthropic's engineers had been quietly building something they internally called a "step change,” and they called it Mythos, and it was never supposed to be public knowledge.
When the leak hit, the documents revealed the following:
Mythos had already identified thousands of zero-day vulnerabilities, previously unknown security flaws in major software systems across the industry.
It found a 27-year-old flaw in OpenBSD (an open-source Unix-like operating system) that had survived thousands of scans, completely undetected.
It found a 16-year-old vulnerability that conventional automated testing had missed, and then the part that made government officials actually pick up the phone:
Mythos didn't just find the holes, but rather it could autonomously exploit them without any human in the loop.
It reasons through the attack vector, verifies it, and executes, start to finish, on its own.
Anthropic’s internal documents state it clearly: Mythos can identify and exploit vulnerabilities “in every major operating system and web browser when directed by a user to do so.”
Sit with that sentence for a second.
A few months ago, their previous flagship model found 500 zero-day vulnerabilities over the course of a full year and got a standing ovation for it.
Mythos matches that number, autonomously in a fraction of the time.
This is the technological equivalent of going from a butter knife to a nuclear warhead and then accidentally publishing the schematics on the front page of the internet.
But here is where Anthropic did something almost unheard of in the current AI arms race:
They refused to release it.
In an industry culturally defined by ship it and iterate, where the entire competitive pressure is to be first and figure out consequences later, Anthropic looked at its most powerful model ever and decided the world wasn't ready for it.
That is, genuinely, a remarkable thing to do and a costly one.
Every day Mythos isn't generating revenue is money left on the table, every competitor who ships something similar first is a market share threat.
Sitting on your best weapon while everyone else is firing is not a comfortable position, but they did it anyway.
Instead, Anthropic announced Project Glasswing, a controlled-access program giving a small, carefully vetted group of organizations early access to Mythos for one purpose only: defense.
The founding partner list is staggering.
Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks.
Plus 40+ organizations running the critical infrastructure underneath modern civilization, power grids, financial systems, telecom backbones.
The logic is almost elegant in its simplicity: the model exists, other labs will eventually build something equivalent, and some of them will have fewer scruples, less oversight, and no interest in a controlled rollout so the only rational move is to make sure the defenders get there first.
Anthropic committed $100M in Mythos usage credits to Glasswing partners and $4M in direct donations to open-source security organizations because when your model can theoretically compromise the world's software infrastructure, a little goodwill spending is the bare minimum.
Each partner uses Mythos to scan and harden their own systems, then shares learnings with the broader consortium before the technology proliferates beyond controlled deployment.
It's a shared early-warning system, a digital Manhattan Project except this time, the scientists decided to tell the governments before the bomb went off.
And if you weren't on the list? The market made sure you felt it immediately.
Cloudflare was excluded, and one missing name on a partner list wiped out double-digit value in just four days.
If the company that can find vulnerabilities in everything doesn't trust you to be a defender, what exactly are you selling?
CRYPTO SHOULD WORK HARDER FOR YOU
Most people hold crypto and hope.
The smart money? They're earning interest on it, borrowing against it without selling, and trading it.
Where can you do the same all in one place? Nexo.
And right now, new U.S. clients get 30 days of Wealth Club Premier (benefits normally reserved for loyalty program members):
- Enhanced interest rates on your digital assets
- Lower borrowing costs against your crypto
- Up to 0.5% cashback on trades
No need to sell to access liquidity. No juggling 5 different platforms.
*Disclaimer: Geographic restrictions and terms apply.
ANTHROPIC'S OPPENHEIMER MOMENT (P2)
On Tuesday, April 8, Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell walked into the Treasury Department's Washington headquarters.
And waiting for them were the CEOs of every major American bank.
Now here's the detail that makes this meeting remarkable: Bessent is not a technology guy.
His background is macro, currencies, and sovereign debt, and he built his career reading bond markets and currency flows.
This is someone whose idea of a dangerous model is a miscalibrated yield curve.
The fact that he personally arranged and co-chaired this meeting alongside the head of the Federal Reserve, the two most powerful economic officials in the country, tells you exactly how this was classified internally.
The explicit message to the room: Mythos can find exploitable vulnerabilities in every major operating system and web browser.
Equivalent models will eventually be built by people with no interest in controlled deployment of hostile state actors, organized crime, or reckless startups that haven't thought past the demo.
The U.S. financial system runs on layers of legacy software, some of it decades old, riddled with bugs that no human analyst has ever found.
Powell and Bessent were delivering one message as plainly as two regulators can without triggering a panic, the window to patch your systems may be shorter than you think.
Mythos is restricted for now, but once an equivalent model is used offensively against banks, hospitals, or power grids, the damage will outpace any response.
This is the Oppenheimer moment, arriving in a conference room at the Treasury Department.
Except it’s not one bomb in the desert, it’s every operating system, every browser, and every piece of legacy financial infrastructure.
The market's ugly four days
The market heard one thing: AI can hack everything, and it panicked-sold anything with cybersecurity in the pitch deck.
The bear thesis is called moat destruction, and it goes like this:
Cybersecurity companies built their pricing power on three pillars: proprietary threat datasets, specialized human expertise, and switching costs so high that customers stay even when they're unhappy.
If a general-purpose AI can reason through novel attack vectors as well as a senior analyst with twenty years of experience and Mythos demonstrably can, the pricing power that justifies 20 to 25x revenue multiples starts looking like a house of cards.
CrowdStrike CEO George Kurtz went on record saying an AI that scans code "cannot substitute for the Falcon platform."
Palo Alto CEO Nikesh Arora told analysts he was "perplexed" that anyone sees AI as a threat to cybersecurity rather than a tailwind.
Both have a point, and neither stopped the selling.
The market rarely waits for nuance when it's scared.
The part of the selloff is getting completely wrong
Here's the contrarian take, and I think it's the right one.
The bears are pricing this as if AI kills cybersecurity, while the bulls are pretending nothing has structurally changed.
Both are missing what's actually happening.
AI doesn't kill cybersecurity but rather raises the stakes, and higher stakes mean bigger budgets.
Think about it like this: when cars got faster and crashes got deadlier, we didn't spend less on safety.
We added airbags, crumple zones, seatbelt laws, lane sensors, automatic braking.
A more dangerous environment creates more demand for protection, not less.
JPMorgan projects global cybersecurity spending reaches $240B by 2026 and $320B by 2029.
A world where AI can find vulnerabilities in everything is a world where every company on earth needs to be hardened against AI-powered attacks.
That's not a shrinking market but rather an exploding one.
More importantly, look at who's actually inside Project Glasswing.
CrowdStrike, Palo Alto, Microsoft, Amazon, Google, and Apple.
The market sold some of them as victims of Mythos, but they are its first-mover beneficiaries.
They get the most powerful defensive AI ever built before any competitor, before any bad actor, before any equivalent model proliferates to systematically scan and harden their own infrastructure.
Microsoft Security is already a $37B annual revenue business, and it's about to get a weapon its competitors don't have access to.
The smart money right now is rotating toward three places: hyperscaler-native security platforms, AI-first security startups that are about to become acquisition targets as legacy firms scramble to catch up, and Glasswing consortium members who are now holding a first-mover advantage that the market hasn't fully priced.
The dumb money is panic-selling every firewall company because a PDF leaked.
What actually just changed
This was never really a story about a config error or a leaked model or even a scary Wall Street meeting.
It's the story of the AI arms race entering its mature, dangerous phase.
For two years, the market ran on one narrative: AI is a tailwind for enterprise software, it helps defenders more than attackers, everything with AI in the pitch deck wins, and the future is bright with returns coming.
Mythos cracked that frame open by demonstrating that AI capability, beyond a certain threshold.
It's a systemic risk multiplier for financial systems, healthcare networks, power grids, and every layer of modern infrastructure running on software old enough to harbor secrets no one has looked for.
Oppenheimer built his bomb in secret, and the world found out when it detonated over Hiroshima.
Anthropic's moment arrived differently, through a config error, a printer left unlocked, and 3,000 documents that were never meant to leave the building.
But the feeling in the room is the same.
The technology exists, the genie is out, and the companies that own the most powerful AI and the most comprehensive defensive posture are now pulling away from everyone else at a speed the market is only beginning to understand.
Oh, and one more thing.
Anthropic is eyeing an IPO as early as Q4 2026. Bankers are modeling a valuation of $400 to $500B, which would make it one of the largest technology IPOs in history.
For retail investors currently locked out of the upside, the pent-up demand is going to be something to watch.
The most dangerous AI model ever built, exposed by a config error just accidentally became the most compelling investment story of the year.
Oppenheimer never got to ring the bell on Wall Street.
Dario Amodei might.
Alright, that's it for this edition of Milk Road AI. We want to hear from you.
Is the cybersecurity selloff an overreaction?
- Buy the dip: Stakes go up, budgets go up. This is a buying opportunity.
- Structural damage: The moats are cracking. The selloff has more room to run.
- Just here for the drama: Can Mythos find my neighbor's WiFi password?
VIBE CODING KILLS SAAS: IS YOUR PORTFOLIO READY? 💻
In last Monday's episode, we sat down with Amit Kija to talk about how AI is reshaping software valuations, what the Iran conflict means for markets, and where the real opportunities are hiding right now.
Here's what you'll hear:
- Why Amit thinks the SaaS selloff is exaggerated, and which names still have real growth worth owning.
- How Anthropic's explosive ARR growth and GPU demand are making semis the most consistent AI trade.
- What the Iran ceasefire negotiations mean for oil, inflation, and risk assets across your portfolio.
- Why Palantir's pullback looks like sector contagion, not a fundamental breakdown, and how to think about it.
Watch the full episode and see for yourself 👇️
YouTube | Spotify | Apple Podcasts
Hackers are using prompt injections to break into crypto users accounts. Don’t be a victim! Use private, safe and encrypted chat Okara. Use the code MILKROAD to get a 20% discount.
Summ (formerly Crypto Tax Calculator) is a tax software built specifically for crypto. Get started for free with Summ.
Kalshi is one of the largest prediction markets that allows users to trade on the outcome of real world events. Sign up here for a free $10 and start trading.
BITE-SIZED COOKIES FOR THE ROAD 🍪
Amazon is buying Globalstar for $11.57B to expand its satellite business. The deal boosts its push into direct-to-device connectivity to rival Starlink.
OpenAI acquired AI finance startup Hiro, likely as an acquihire. The move adds talent as it expands into financial tools.
Tesla is adding a new app with stats and “streaks” to track Full Self-Driving usage. The update aims to boost adoption with easier subscriptions and gamified features.
What if a bank app and crypto wallet had a baby? You’d get Brighty which is a money app that lets you use crypto and regular fiat money together without transferring funds.*
*this is sponsored content.
MILKY MEMES 🤣
ROADIE REVIEW OF THE DAY 🥛
