The Lock Hasn't Been Built Yet

Anthropic's Mythos AI found thousands of unknown software vulnerabilities. But cybersecurity experts say the same capability already exists in older, publicly available models — and defenses are nowhere near keeping up.

The AI that can break into nearly anything already exists. The AI that can reliably lock the door back does not.

That's the uncomfortable reality sitting beneath last month's scramble triggered by Mythos, Anthropic's latest model, which reportedly identified thousands of previously unknown vulnerabilities across the world's software infrastructure. Banks, tech giants, and government agencies went into crisis mode. The Trump administration began weighing new oversight mechanisms. Anthropic restricted access to a handful of vetted U.S. companies — Apple, Amazon, JPMorgan Chase, and Palo Alto Networks — under a security protocol called Project Glasswing.

But cybersecurity professionals fighting in the trenches had a different reaction: we've been here for a while.

The Capability Isn't New. The Awareness Is.

"What we are seeing across the industry now is that people are able to reproduce the vulnerabilities found with Mythos through clever orchestration of public models to get very, very similar results," said Ben Harris, CEO of cybersecurity firm watchTowr Labs.

The technique in question — called orchestration — involves breaking code into smaller chunks and routing them through multiple AI models that cross-check each other's findings. No cutting-edge proprietary access required. Researchers at Vidoc, a cybersecurity firm, ran older OpenAI and Anthropic models against the same codebases that Mythos analyzed. They found the same vulnerabilities. Vidoc CEO Klaudia Kloc told CNBC this has been possible "for a couple of months, if not a year."

AISLE, another cybersecurity firm, went further. Founder Stanislav Fort described the dynamic in a blog post: "A thousand adequate detectives searching everywhere will find more bugs than one brilliant detective who has to guess where to look." Scale and coordination, not model sophistication, are driving the results.

Anthropic didn't push back on this. A company spokesperson pointed to a February blog post showing that Claude Opus 4.6 — a widely available model — had already found more than 500 high-severity vulnerabilities in open-source software. CEO Dario Amodei echoed the point at a company event this week: "The risks are very real. But they're also, in some sense, not that surprising. We've been seeing warnings of this for a while."

What Mythos does differently, according to Anthropic, is the next step: automatically developing working exploits with little or no human input. But here's the catch — skilled hackers in North Korea, China, and Russia already know how to do that. "With or without Anthropic," Kloc said flatly.

Offense Wins the First Round

Even before generative AI entered the picture, the cybersecurity industry operated under a structural disadvantage. A skilled hacker could exploit a newly discovered vulnerability in hours. Patching it — especially if it requires taking critical systems offline — takes days or weeks. AI has widened that gap, not created it.

Jamie Dimon acknowledged the asymmetry last month: AI tools may eventually help companies defend themselves, but right now they're making companies more vulnerable first. Justin Herring, a partner at Mayer Brown and former executive deputy superintendent for cybersecurity at New York's financial regulator, put it plainly: "You have a significant increase in the volume of vulnerabilities discovered, but they don't seem to have deployed a tool that helps you fix them. Vulnerability management is the great Sisyphean task of cybersecurity."

The selective rollout of Mythos gave the initial access group a head start on patching. But it came with a cost. Independent AI researchers were locked out, unable to verify Anthropic's claims or begin building defenses against the model's capabilities. Pavel Gurvich, CEO of cybersecurity startup Tenzai, described the result as "tiers of haves and have-nots" that could slow the pace of security innovation broadly.

Meanwhile, OpenAI moved quickly to stake its own position. CEO Sam Altman announced GPT-5.5-Cyber, a model tailored specifically for cybersecurity, and on Thursday began limited access rollouts to vetted security teams.

Who Pays When the Egg Breaks?

Harris describes recent conversations with banks, insurers, and regulators as "hysteria." The concern is legitimate — but the industry's response reveals a deeper structural problem. The companies with the resources and relationships to get early access to models like Mythos are the same ones already best equipped to defend themselves. The hospitals, school districts, and mid-sized businesses that ransomware groups have increasingly targeted are not in that group.

Ben Seri, co-founder of cybersecurity startup Zafran Security, described the current moment with unusual candor: "They're trying to figure out the best way to fix the world before this becomes accessible to the world. It's this kind of chicken-and-egg situation, and you're going to break some eggs. It's unavoidable."

The question is which eggs, and who's holding them.

The barrier to entry for causing serious cyber damage has dropped. Before, only a small global population of highly skilled experts could find and exploit obscure software vulnerabilities. Now, with publicly available AI models and the right orchestration workflow, that circle has expanded significantly. Harris noted that targets previously considered too obscure to attract sophisticated attackers will now face threats they weren't designed to handle.

This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
