
What Anthropic’s Mythos Really Means for Your Security Posture

How prepared is your organisation for the rise of AI-assisted attacks?

 

More security leaders are starting to ask this, as attackers and their tools evolve faster than internal security can match.

 

If you have been anywhere near LinkedIn, a security briefing, or your inbox over the past fortnight, you will have seen the headlines.

 

Anthropic has developed an AI model capable of performing advanced offensive security tasks to such a degree that it has chosen not to release it publicly. The model is called Mythos.

 

Reaction has ranged from “this changes everything” to “it is mostly marketing”.

 

Neither view is particularly helpful if you are responsible for your organisation’s security posture.

 

What matters is not the headline, but what Mythos signals about how attacks are likely to evolve, and whether your current approach is built for that.

What is Mythos?

Mythos Preview is a general-purpose AI model, but with capabilities that place it in a different category to what most organisations have encountered to date.

 

During testing, Anthropic used it to identify thousands of zero-day vulnerabilities across major operating systems and web browsers. In many cases, the model developed working exploits with minimal human input.

 

What stands out is not just the volume, but the complexity involved:

 

Because of this, access to Mythos has been restricted to a small number of organisations through Project Glasswing, with a focus on defensive vulnerability discovery and patching at scale.

 

This is the point where the conversation moves beyond technical curiosity and into something more operationally relevant.

 

The Misuse Question, and Why it Matters

The defensive potential here is clear.

 

But the same capability that makes Mythos valuable to defenders also makes it significant in the wrong hands.

 

Anthropic has already acknowledged that AI is lowering the skill threshold required to carry out advanced offensive activity. That has two important implications.

 

  1. Capability that previously required highly specialised expertise is becoming more accessible.
  2. It increases the likelihood that more actors can operate at a higher level than before.

 

Two factors reinforce this shift:

 

 

There is also a more immediate point that has received less attention. Reports indicate that unauthorised users have already accessed Mythos through a third-party vendor. While there is no indication that Anthropic’s own systems were compromised, it highlights an important reality.

 

Restricted access is not the same as controlled access. The supply chain risk surrounding AI tooling is already becoming tangible.

What the Experts Actually Agree On

There is no single view within the cyber security community on how significant Mythos is.

 

Many researchers see it as a continuation of an existing trend rather than a fundamental shift, albeit one that represents a meaningful increase in capability.

 

The more consistent position is this: Mythos should be taken seriously, but the immediate risk is unlikely to match the most extreme interpretations.

 

There are also valid questions around how much of the narrative reflects technical capability versus controlled positioning around a limited release.

 

What is not disputed is the direction of travel. Autonomous offensive capability is improving quickly, the barrier to entry is lowering, and the time taken to move from vulnerability discovery to exploitation is continuing to shrink.

 

What This Means For Your Organisation Right Now

Mythos is not in public circulation, so the immediate threat vector is not direct. The more pertinent question is what it signals about the near-term trajectory of AI-assisted attacks, and whether your current controls and processes are calibrated for that.

 

Five areas worth pressure-testing:

The time between patch availability and active exploitation is compressing. If your vulnerability management programme is operating on monthly or quarterly cycles, the risk window that creates is growing. Continuous vulnerability scanning should be an operational input, not a periodic exercise.

If autonomous tools can identify vulnerabilities that have survived years of review, it is worth asking whether your current testing coverage is sufficient. Mature organisations are increasingly using CREST-certified red teaming to simulate this level of persistence and are still uncovering gaps in existing controls.

Attackers do not operate on a schedule, and neither will AI-assisted tooling. If testing is conducted annually or bi-annually, it provides a snapshot rather than a true reflection of resilience. Approaches that introduce more continuous, adaptive testing, such as continuous adversary emulation, are designed to address this gap directly.

The unauthorised access to Mythos itself came via a third-party vendor. Your threat surface extends well beyond your own perimeter. Supply chain security and vendor access controls warrant review in this context.

As AI becomes more embedded in business operations, questions around access, usage, and oversight move firmly into the realm of security. Many organisations are still developing their approach here, and in most cases, controls have not yet caught up with adoption.

The Bottom Line

Mythos does not represent an immediate change to your threat landscape. It does, however, provide a clear signal of how quickly offensive capability is evolving.

Organisations that respond well to this will not be those reacting to individual headlines.

 

They will be those with strong foundational controls, clear visibility of their attack surface, and a testing approach that can adapt as threats change.

 

If you want to pressure-test what this means for your security posture, our team can help you assess where you stand.
