Anthropic’s announcement of its “Mythos” cybersecurity models has sparked a fresh round of debate in crypto: will advanced AI tools make decentralized finance easier to exploit, or will they simply accelerate the pace of defense? The discussion gained traction as Anthropic positioned Mythos-class systems for security-focused tasks and—according to the company—reported improvements in vulnerability research and exploit analysis compared with earlier iterations.

For DeFi investors, developers, and security teams, the underlying question matters less about hype and more about operational reality: can AI meaningfully shorten the gap between discovering weaknesses and turning them into working attacks? And just as importantly, can defenders use the same capability to identify issues earlier and patch faster?

Key takeaways

• Anthropic frames Claude Mythos as a cybersecurity-focused AI system aimed at tasks such as vulnerability research and layered security reasoning.
• AI can accelerate code review, but moving from “finding a vulnerability” to “stealing funds” still requires technical and operational execution attackers often must plan for.
• Current limits—including false positives and incorrect reasoning—mean expert oversight and process discipline remain central to DeFi security.
• Defensive teams and developers can also adopt AI-assisted testing, potentially raising baseline security standards across the sector.
• DeFi risk is uneven: smaller projects, fast launch cycles, reused code, and weak audit coverage tend to face higher exposure.

What Claude Mythos is intended to do

Claude Mythos is Anthropic’s most advanced AI system for cybersecurity tasks, designed differently from general-purpose assistants that simply explain concepts or generate code on request. Anthropic has described Mythos-class capabilities as oriented toward complex security workflows rather than broad chat-based usage.

While the company initially limited access instead of offering immediate broad distribution, Anthropic’s published materials emphasized measurable improvements in areas that matter to security teams—particularly vulnerability research and exploit analysis. The relevance for crypto is obvious: smart contract security depends on identifying flaws quickly in public codebases and evaluating how weaknesses might be leveraged in practice.

The most practical concern for DeFi is timeline compression. If AI helps reduce the time it takes to locate and reason through potential vulnerabilities, attackers could benefit by shifting from slow discovery to faster exploitation. But that same speed advantage could also shorten the defensive cycle—reviewing code, verifying assumptions, and preparing fixes before exposure becomes capitalized.

Why DeFi looks like an attractive target

DeFi security concerns aren’t new, and they don’t rely solely on technical complexity. DeFi protocols often custody large sums through smart contracts, which means a software issue can potentially become direct financial risk rather than a theoretical bug. The sector has repeatedly seen losses linked to a range of failure modes—exploits, flash-loan-style attacks, cross-chain issues, governance manipulation, and smart contract weaknesses.

Two factors make these environments particularly sensitive. First, smart contract code is frequently public, which is good for transparency and security research but also gives attackers the same information defenders get. Second, many DeFi systems are young or rapidly evolving, and even audited protocols can still contain gaps or assumptions that don’t hold under changing conditions.

In that context, AI tools that can triage large repositories, summarize complex systems, and suggest likely attack paths can be seen as a force multiplier. If a model can sift through patterns and reason about potential exploit routes faster than traditional manual review, attackers may be able to scale their efforts beyond what small teams could previously accomplish.

AI can help, but it doesn’t guarantee profitable attacks

Even if AI can identify vulnerabilities efficiently, the path to successful exploitation is not a straight line. Many real-world crypto attacks require more than recognizing a weakness—they depend on understanding protocol mechanics, coordinating transaction sequences, managing liquidity dynamics, working through governance pathways, and minimizing the chance of detection.

Anthropic’s own research materials and broader cybersecurity experience point to a key operational reality: AI systems can be useful while still producing errors. In practice, AI-driven analysis may surface multiple possible issues, not all of which are valid or exploitable. That means defenders should still assume that automated tools will generate noise alongside value, and teams will need to verify findings rather than treat model output as final truth.

For DeFi users, this distinction matters. A vulnerability that appears in a report does not automatically translate into drained funds. Attackers may also face constraints—capital requirements, timing, or dependencies across contracts—that AI can’t remove. Likewise, defenders who can act quickly on high-confidence findings may blunt the window in which attackers can convert theory into execution.

Where AI could strengthen DeFi security

Another reason the “AI will only weaken DeFi” narrative doesn’t fully hold is that defensive teams have access to similar tools. Security firms can integrate AI-assisted review into their workflows, and developers can use AI to augment code checks. Bug hunters may also be able to widen coverage and speed up pre-release scrutiny, potentially catching classes of issues earlier than traditional processes alone would allow.

That opens a more balanced scenario: AI becomes a normal part of secure development rather than an edge only attackers possess. In this framing, the decisive variable becomes not whether AI exists on the offensive side, but how quickly teams can incorporate AI-backed analysis into deployment pipelines and how effectively they respond once issues are detected.

It’s also worth noting that major crypto incidents have sometimes been driven by factors unrelated to smart contract code—such as compromised private keys, social engineering, or governance manipulation. AI improvements in code review won’t eliminate those risks, but they may reduce one category of exposure by tightening how contract logic is assessed.

DeFi builder priorities in an AI-accelerated world

For protocol teams, the clearest lesson is to assume that automated vulnerability research is becoming easier to run. That doesn’t mean every weakness will be instantly exploited, but it does mean security expectations should rise. Teams should focus on shortening the time between identifying a potential issue and shipping a fix—because in a faster ecosystem, delays can matter as much as prevention.

Actionable priorities highlighted by this shift include expanding automated security testing, running continuous audits rather than one-off reviews, and integrating AI-assisted code analysis into development workflows. Many teams are also likely to benefit from improving threat monitoring and incident response readiness, since faster detection and triage can reduce the real-world impact of whatever vulnerabilities do slip through.

Risk also isn’t evenly distributed across DeFi. The protocols most exposed are often those with limited security resources, rushed deployment schedules, heavy reuse of existing code, weak third-party audit coverage, or legacy smart contract designs that rely on assumptions no longer aligned with current exploit techniques. For these teams, AI-assisted analysis could lower barriers—but it also raises the bar they must meet to keep up.

A shift in standards, not a guaranteed breakdown

Mythos—and the broader trend of cybersecurity-focused AI—signals a major change in how quickly complex security tasks can be tackled. Still, the idea that DeFi is headed for unavoidable collapse overlooks practical constraints: discovering a flaw doesn’t ensure exploitation, AI analysis remains imperfect, and defenders can adapt as attackers do. The more likely outcome is an evolution in security standards, with faster vulnerability discovery and more pressure on teams to update code and respond in shorter timeframes.

What readers should watch next is how protocol teams operationalize AI-assisted security—whether audits become continuous, how response timelines improve, and whether the sector closes gaps faster than attackers can exploit them.

Anthropic’s Mythos preview research and coverage of Anthropic’s cybersecurity model capabilities informed the discussion of how Mythos performs on security-related tasks. Additional context on Mythos-related reporting appears in Reuters.

Key Highlights

• BLSH stock declines 2.25% following Gibraltar Financial Services Commission authorization.

• Gibraltar regulator clears path for regulated blockchain-based securities operations.

• Platform designed for qualified international participants outside United States.

• Planned Equiniti acquisition enhances end-to-end tokenization capabilities.

• Platform rollout anticipated within several weeks pending final requirements.

Shares of Bullish (BLSH) experienced downward pressure Monday following announcement of regulatory clearance for digital asset trading. BLSH declined 2.25% to close at $22.77 despite initially dropping more sharply. Trading remained subdued throughout the late-morning session as investors digested the news.

Bullish, BLSH

GFSC Grants Authorization for Digital Asset Infrastructure

Bullish announced receiving clearance from Gibraltar’s Financial Services Commission to operate a tokenized securities platform. The authorization provides regulated infrastructure for blockchain-based financial instruments. This milestone deepens Bullish’s operational ties with Gibraltar’s supervisory authorities.

Collaboration between the firm and GFSC commenced in 2025 focusing on digital asset frameworks. Initial discussions centered on establishing compliant blockchain financial systems. The current authorization represents an extension of these efforts into the securities tokenization space.

Gibraltar has established itself as an early adopter of crypto regulation. The territory implemented specialized legislation governing Distributed Ledger Technology providers. Bullish considers Gibraltar strategically important for maintaining supervised digital market operations.

International Blockchain Trading Platform Excludes U.S. Participants

The company intends to launch tokenized asset trading for qualified international investors excluding U.S. persons. Services will operate under Gibraltar’s regulatory oversight utilizing blockchain technology. Final operational commencement awaits completion of pre-launch compliance requirements.

Tokenized securities leverage distributed ledger technology to digitally represent conventional financial instruments. This approach enables continuous trading cycles and accelerated settlement processes. Additionally, it minimizes inefficiencies associated with traditional clearing and settlement systems.

From an issuer perspective, tokenization delivers enhanced visibility and streamlined shareholder recordkeeping. The technology facilitates more direct investor relations management. Accordingly, Bullish positions this authorization as integral to its broader capital markets vision.

Transfer Agent Acquisition Strengthens Tokenization Ecosystem

Bullish connected the regulatory approval to its pending Equiniti acquisition. The company announced in May 2026 its intention to acquire the international transfer agent. Equiniti maintains relationships with approximately 3,000 corporate issuers and administers records for over 20 million beneficial owners.

This transaction would enable Bullish to provide comprehensive tokenized securities services. The integrated solution aims to encompass origination, registry management, and secondary market trading. It would bridge traditional transfer agent functions with Bullish’s distributed ledger and exchange technology.

Gibraltar’s regulatory clearance provides the secondary market component for this integrated strategy. Bullish now possesses regulatory infrastructure supporting tokenized asset liquidity. Management indicated platform launch could occur within weeks.

The immediate impact will fall on customers whose exchanges are withdrawing services, Fazel told CoinDesk

Several exchanges, including Binance, have announced changes to their European services ahead of the July 1 deadline, while others continue seeking MiCA authorization or adjusting their products.

“When a platform pulls back, users unfortunately absorb the shock, like a tenant being evicted by its landlord with no notice,” Fazel said. “People shouldn’t keep hunting for a new home. They should pick one built to stay.”

“When you’re choosing a new home, the price is one thing.”But we need to look at the identity match, the platform, its culture, its security, the features you’ll actually use, and the community you’re joining.”

“Incentives fade,” he added. “A home you trust doesn’t.”

Coinbase and OKX last week offered deposit and transfer incentives to attract new users amid some exchanges scaling back services in Europe.

Fazel said those offers may persuade some customers to switch, but argued they should not be the deciding factor.

“Every exchange is piling into the same rat race of bigger bonuses, louder cheques,” he said. “But money does not earn trust. A local track record does.”

J.P. Morgan has expanded the number of currencies supported by its Kinexys blockchain payments platform, a move that could make it easier for multinational companies to move money between countries at any hour of the day.

The bank added the Australian dollar, Hong Kong dollar, Japanese yen, Chinese renminbi and Singapore dollar to Kinexys’ Blockchain Deposit Account network, a feature that lets clients move tokenized bank deposits over the platform. The new additions join the U.S. dollar, euro and British pound, giving institutional clients access to eight currencies for blockchain-based settlement and foreign exchange.

The announcement comes as banks look for ways to solve a longstanding problem in global finance: moving money faster across borders without transactions having to go through multiple banks limited by local banking hours.

Kinexys is designed to remove some of those delays. Instead of relying solely on traditional payment rails, it uses a permissioned blockchain network operated by J.P. Morgan to record and settle transfers between participating clients. Because the platform runs continuously, businesses can move funds, exchange currencies and manage liquidity 24 hours a day, seven days a week.

Arthur Hayes has revealed a $2.2 million investment in Synapse’s SYN token after backing its Hypercall options DEX, helping drive the token as much as 26% higher on Monday.

According to a June 29 post on X by BitMEX co-founder Arthur Hayes, he sees Hypercall, an options decentralized exchange built by the Synapse team and settled on Hyperliquid, as a credible challenger to crypto options exchange Deribit.

Explaining why he backed the project, Hayes wrote that he still wanted exposure to the Hyperliquid ecosystem but was looking for a more asymmetric opportunity.

“I still want to be long the Hyperliquid ecosystem but I need some asymmetry. It’s time for an options dex to properly take on Deribit. Hypercall, owned by SYN, is that challenger.”

On-chain data from Arkham later showed Hayes purchased 6.16 million SYN tokens worth about $2.2 million from Flowdesk. The purchase came shortly after his public endorsement and coincided with a sharp rally in the token.

Hayes has pointed to tokenomics behind the investment

Alongside his endorsement of Hypercall, Hayes shared a post by crypto investor Duncan, writing, “DYOR – but I found this pretty compelling.”

In the thread Hayes reposted, Duncan argued that SYN offered an attractive risk-reward profile because it had an estimated fully diluted valuation of about $81 million, no venture capital unlock overhang, roughly 88% of its supply already circulating, and listings on major exchanges including Binance and Kraken.

“Most blockchain infrastructure was originally built for a single-user, single-key model, one private key controls everything, and if that key is lost or stolen, all the assets are gone instantly. This goes against the basic security principles that traditional finance has relied on for decades: more than one person approving, separation of duties, and several layers of defense,” Wu told CoinDesk.

In a way, the system built to revolutionize global finance has weaker security than a typical email account.

Wu added that the number of routes through which an attack can be launched has increased significantly. “Cloud systems, third-party tools, social media accounts, and the people operating them, all of these can become a way in.”

Both Wu and Fan pointed to the Bybit hack of February 2025 as an example of a widening attack surface. Attackers compromised the software supply chain of a third-party developer tool, allowing them to inject malicious code into the wallet’s web interface and trick executives into unknowingly signing away $1.5 billion in Ethereum.

The fix

The industry is now moving to address the private key vulnerability issue, though not evenly, according to Wu.

“There’s progress on many fronts: MPC [multi-party computation] wallets, account abstraction with social recovery, passkey-based login, hardware wallet enforcement, and proper key management SOPs,” he said. “The problem is that these are often added as optional extras, instead of being built in from the start at the protocol level. Most chains still treat security as a feature to bolt on, not as a core design principle.”

TLDR;

• Bybit EU has become the main regulated route for EEA users as Bybit Global prepares phased service restrictions.
• EEA users will receive advance notices before restrictions begin, allowing them to manage open positions and balances.
• Bybit’s move reflects growing MiCA compliance pressure as crypto exchanges adjust services across European markets.
• Users will retain access to custodied assets while Bybit limits selected global platform services for EEA residents.

Bybit EU moved into sharper focus after Bybit announced phased limits for EEA users on its global platform. The exchange said access to certain global services will be progressively restricted as part of regulatory alignment across Europe. Affected users will receive notices before any changes take effect. 

Bybit also said clients will keep access to assets held in their accounts while they manage positions and balances. The move comes before the MiCA transition window closes on July 1, 2026. It also pushes European clients toward the group’s regulated platform.

Bybit EU Becomes Main Route as Global Access Narrows

Bybit said EEA users will face gradual limits on selected services through Bybit Global. The company did not give a single cut-off date in the notice. Instead, it said users will receive clear instructions before specific measures begin.

The process covers residents across most EEA countries. Austria, France, Germany, Ireland, Italy, Spain, Sweden, and Norway are included. Malta is excluded from this process because Bybit EU does not actively offer services there.

The exchange framed the move as part of its broader regulatory alignment. MiCA now gives crypto firms one rulebook for serving European clients. That framework raises the pressure on platforms still operating through older national arrangements.

Bybit EU operates through a separate European entity based in Vienna. The platform holds authorization in Austria under MiCAR. Its permitted services include custody, crypto-fiat exchange, crypto-to-crypto exchange, placing crypto assets, and transfer services.

The shift means EEA users may need a separate account on the European platform. Existing Bybit Global accounts are not automatically the same as Bybit EU accounts. Users may also need to complete identity checks again before using local services.

For traders, the key issue is continuity. Open positions, balances, and service access may be handled under different timelines. Bybit said affected clients will receive direct communication before restrictions are applied.

Bybit EU Incentives Show MiCA Compliance Push

Bybit EU is also using incentives to attract European users before the July deadline. Its “Move Your Funds, Get Rewarded” campaign runs through July 31, 2026. The offer targets new EEA users who have not held a Bybit EU account.

The campaign includes several benefit tracks. Users may receive a welcome package, card bonuses, and subscription cashback. Eligible clients may also get faster VIP status after a qualifying deposit.

Larger deposits may receive USDC cashback under the campaign terms. The offer gives Bybit a commercial bridge while regulatory access changes across Europe. It also helps move activity from the global platform toward the regulated entity.

The broader backdrop is clear. MiCA has made authorization, supervision, and user protection central to European crypto access. Exchanges without the right license face higher legal risk after the transition period ends.

Bybit EU CEO Mazurka Zeng said users now value clarity and long-term readiness. That message fits the exchange’s new structure in Europe. Bybit Global remains available in other markets, but EEA users now face a different path.

The change may also shape competition among European crypto platforms. Licensed exchanges can market continuity while rivals adjust access. For Bybit, the near-term test is whether users migrate smoothly before service limits tighten.

Update 2:00 pm UTC, June 29: Added comment from Germany’s Federal Financial Supervisory Authority (BaFin).

The European Union’s Markets in Crypto-Assets Regulation (MiCA) framework is producing uneven crypto licensing across member states and European Economic Area (EEA) jurisdictions, with Germany leading approvals under the new regime that takes effect on Wednesday.

Data from the European Securities and Markets Authority (ESMA) interim register, compiled on Friday, shows Germany has 57 MiCA-authorized crypto-asset service providers (CASPs), accounting for about 23% of the 244 total licenses issued.

France follows with 26 companies, or roughly 11% of all approvals, placing it alongside the Netherlands as the bloc’s second-largest hub for MiCA licensing.

The pattern suggests that although MiCA is designed to create a single European crypto market, implementation remains fragmented across national regulators ahead of the July 1 transitional deadline.

France leads late-June approval wave

While Germany leads overall MiCA licensing, France has recently accelerated approvals, accounting for the largest share of last-minute authorizations.

According to ESMA interim data, France issued five CASP approvals between June 18 and June 22, the most during that window. In total, 11 approvals were issued across EU and EEA jurisdictions during the period, with Malta following France with two authorizations.

MiCA CASP licenses issued during the period from June 18-25, 2026. Source: ESMA

France’s authorizations include CASPs such as Bpifrance Investissement, RCUBE Asset Management, Paymium, Leonod and Meria.

Germany’s Federal Financial Supervisory Authority (BaFin) told Cointelegraph that the relatively high number of MiCA authorizations is partly driven by the country’s large financial sector, including a high number of credit institutions that can provide crypto asset services under MiCA.

It also pointed to Germany’s pre-existing national licensing regime, which allowed some CASPs to use simplified authorization pathways under MiCA transition rules, potentially accelerating approvals.

Related: Binance faces EU service limits next week as MiCA rules take effect

A spokesperson at BaFin also said it is difficult to predict whether Germany will maintain its dominant share of CASP authorizations as MiCA implementation progresses, noting that outcomes will depend on market developments, innovation trends and the volume of pending applications across member states. The representative added that approvals in other EU countries are expected to increase over time and broadly align with the size of national financial sectors.

Five EU states have not issued any MiCA licenses

Five EU member states, including Greece, Hungary, Poland, Portugal and Romania, have not issued any MiCA licenses as of June 26, according to ESMA interim register data.

Greece stands out after Binance applied for authorization in the country but later withdrew its application, shifting its eventually licensing plans to another MiCA jurisdiction.

European jurisdictions ranked by the number of approved CASPs under MiCA as of Friday. Source: ESMA

Poland is also notable, with delays in MiCA implementation legislation followed by three reported presidential vetoes, leaving the country without an active licensing framework by the time of the EU deadline.

In contrast, Italy dominated ESMA’s non-compliant CASP register as of Friday, accounting for an overwhelming majority of entries with 160 out of 162, while the Netherlands and Slovakia recorded one each, linked to MEXC and LWEX, respectively.

Additional reporting by Yohan Yun.

Magazine: AI is banking the unbanked in Africa… faster than crypto

White House officials — especially lead crypto adviser Patrick Witt — have sought to keep the Clarity Act moving forward in the Senate, including holding previous meetings with those who have objected, such as law enforcement groups and Wall Street bankers. Representatives of the White House didn’t immediately respond to requests for comment on the expected Monday meeting, which meant to work through some of the remaining concerns, and few details were available.

Industry groups such as the Blockchain Association have defended the legislation’s crime-fighting tools, arguing that the bill includes a number of new powers for pursuing bad actors, and that the absence of a new law will leave a vacuum.

At an industry-hosted event earlier this month, White House adviser Witt said, “We’re putting real regulatory constraints on businesses and actors that currently live in a state of uncertainty.”

To law enforcement officials, he argued, “You should be the biggest cheerleaders for this bill, because this is really what is missing.”

Meanwhile, the Clarity Act’s political opponents, such as Senator Elizabeth Warren — the top Democrat on the Banking Committee, have maintained a steady stream of criticism on the legislation’s illicit-finance front. They routinely cite crypto’s use by criminal groups, drug cartels and human traffickers.