Yesterday, Anthropic revealed Claude Mythos Preview. It's a frontier AI model that autonomously discovered thousands of critical zero day vulnerabilities across every major OS and browser, then built working exploits for them. Some of these flaws had survived 27 years of human review and millions of automated security tests.
This isn't theoretical. The model chained four separate vulnerabilities together to escape a browser sandbox. It exploited subtle race conditions for privilege escalation. It wrote a remote code execution exploit against FreeBSD's NFS server that granted root access to unauthenticated users from anywhere on the internet.
And Anthropic isn't releasing it.
Project Glasswing
Instead, Anthropic have built Project Glasswing, giving restricted access to 12 partners including Microsoft, Apple, CrowdStrike and Palo Alto Networks so they can use the model defensively to find and patch the vulnerabilities before adversarial models catch up. They're backing it with $100 million in usage credits and $4 million in direct donations to open source security.
This is responsible. This is commendable. And it will not last.
Anthropic themselves said it clearly: these capabilities didn't come from specialised cyber training. They emerged from general improvements in reasoning and code comprehension. The same improvements every other lab is chasing. It is not a question of if similarly capable models reach the open market or hostile actors. It is a question of when. CrowdStrike's CTO put it bluntly: the window between discovery and exploitation has collapsed from months to minutes.
What This Means for Defenders
Your exposure management just became existential.
If a model can find thousands of critical vulnerabilities in weeks that decades of scanning missed, periodic vulnerability management is dead. Continuous Threat Exposure Management is the only model that keeps pace with this reality. The organisations treating CTEM as a future initiative need to treat it as a current one. Prioritisation of your attack surface, validation of your controls, and mobilisation to remediate. Not quarterly. Continuously.
There's another dimension people are overlooking. Mythos doesn't just find zero days. It converts known, patched CVEs into working exploits autonomously, at a rate previous models couldn't touch. That collapses your patch window to near zero. If you're not on top of your exposure backlog now, you won't get the chance to catch up later.
Your SOC needs to prepare for threats it can't signature.
When AI generates novel exploit chains that have never been seen before, your detection engineering built on known indicators and static rules won't catch it. This is where machine learning and anomaly based detection earns its place. Behavioural baselines, deviation analysis, and models that identify what looks wrong rather than what matches a known bad.
And with AI generating exploits that target network services, firmware, and OS level vulnerabilities, your telemetry strategy needs to reflect that. Endpoint detection alone won't cut it. Full packet inspection and network detection and response give you visibility into the lateral movement, the C2 callbacks, and the protocol level anomalies that endpoint agents simply do not see. The network edge and internal east-west traffic just became your most critical blind spot if you're not already watching it.
The Bottom Line
Mythos is a preview of what's coming. Not from Anthropic, who are doing the right thing. But from the inevitable proliferation of models with equivalent capability and none of the restraint.
The organisations that will weather this are the ones investing now in continuous exposure management, ML driven detection, and deep network visibility. Not because the threat is here today. But because when it arrives, maturity isn't something you can build overnight.
The defenders' advantage has always been preparation. That window is narrowing fast.
Martin Riley
Chief Technology Officer
