The "Al Vulnerability Storm”: Building a "Mythos-ready" Security Program

Cloud Security Alliance (CSA)

Executive Summary

Mythos AI sharply increases attackers' offensive capabilities while only modestly aiding defenders. Attackers gain an asymmetric advantage and the defender burden grows disproportionately.

Scale & automation Automated deployment Exploit generation Vuln. discovery Attacker uplift Patch development Defender uplift

Near-term, security teams will be overwhelmed. Glasswing's disclosures are the first wave, and Mythos-level capabilities will proliferate, driving more frequent, complex, novel attacks.

Absorb the current spike

  • Adjust risk calculations for rising patch volume and shorter time-to-patch
  • Re-orient resources for more persistent, complex attacks
  • Harden via segmentation, egress filtering, MFA, defense-in-depth

Be ready for the next waves

  • Robust third-party and open-source dependency management
  • Automated security assessments in dev; LLM agents find vulns first
  • AI agents in the cyber workforce, to match attacker speed
  • Re-evaluate tolerance for remediation downtime under shorter adversary timelines
  • Update governance for faster vendor onboarding and AI defense deployment

Mythos & Glasswing: Why They Matter

To act on that asymmetry, start with what Mythos actually does and where Glasswing fits.

Mythos

Mythos has three key capabilities:

  1. Exploits without scaffolding: Mythos generated 181 working exploits on Firefox where its predecessor succeeded only twice under the same conditions.
    Mythos 181 Predecessor 2 Working Firefox exploits, identical conditions
  2. Complex, chained vulnerabilities: It identifies vulnerabilities composed of multiple primitives chained together into a single exploit path.
    P P P P Exploit primitives single exploit path
  3. "One-shot” capability: It accomplishes significantly more with a single prompt, requiring less elaborate configuration.

Glasswing

Glasswing is Anthropic's coordinated-disclosure program giving partners early Mythos access for patching. The advantage is bounded. The world's attack surface dwarfs any curated ecosystem, and comparable offensive capabilities will proliferate.

The Evolution of LLM-based Offensive Capabilities, 2025/6

Mythos didn't appear out of nowhere. AI-driven offensive capability has been compounding for the past year, and the cadence is accelerating:

Jun 24, 2025
XBOW tops HackerOne's US leaderboardThe autonomous system outperforms all human hackers.
Aug 5, 2025
Big Sleep finds 20 real-world zero-daysGoogle's agent discovers them autonomously in open-source projects like FFmpeg.
Aug 8, 2025
DARPA AIxCC: 54 vulnerabilities in four hoursAcross 54 million lines of code.
Sep 2025
"6 months away" warning publishedForecasts autonomous vulnerability discovery and exploitation.
Nov 14, 2025
First AI-orchestrated espionage campaign disclosedA state-sponsored group used an LLM to run full attack chains.
Feb 5, 2026
500+ high-severity vulns; admin-level access in 8 minutesAnthropic reports AI-found vulnerabilities and an AI-based attack reaching admin access.
Mar 2026
OSS maintainers overwhelmedLinux kernel and curl flooded with quality, AI-supported bug reports.
Mar 2026
Zero Day Clock launchedVisualizes the collapse of time-to-exploit to under one day.
Apr 7, 2026
Claude Mythos Preview & Project GlasswingAnthropic discloses thousands of zero-days with a 72% exploit success rate.

10 Questions to Understand Your Security Program State and Influence

Against that trajectory, where does your program stand, and where can you act? If you can't answer one with a concrete example, that's the first finding.

What is our actual stance on AI?Allowed, tolerated, restricted, or unknown
Can employees use agentic coding tools in the enterprise?With security guardrails?
Can employees contribute to open source?Clear legal/IP policy?
How disciplined are source control, artifact provenance, and CI/CD?For both human and agent code
Is there a real security gate between code change and production?And is it enforced?
Is security operational, or primarily advisory?Can it implement, or only escalate?
What's the fastest security-driven production change we made last year?Use a real example
Are our crown jewels explicitly tracked and current?Map of critical assets and dependencies
Do we know how to escalate urgent work to key third parties?Established vendor relationships
Does leadership share a working definition of urgency?Aligned at the executive level

Key Takeaways for the CISO

Whatever the answers, these moves put a program in Mythos-ready posture.

Use LLMs for vuln discovery and remediation

Defensive capabilities are mature. Start with agent-based code reviews; build toward VulnOps.

Update risk metrics

The shifting landscape has outdated old assessments. Refresh them and communicate the change to stakeholders.

Accelerate the team with coding agents

Agents speed up incident response, GRC, patch triage, red teaming, and data collection.

Prepare for more incidents

Run tabletops for simultaneous incidents. Automate remediation; verify segmentation, egress filtering, phishing-resistant MFA.

Refocus on the basics

Segmentation, patching, IAM raise attacker difficulty. Expand these efforts.

Prepare for burnout

Disclosure cadence will be taxing. Secure headcount and budget for reserve capacity and automation.

Build a Mythos-ready program

Mythos is one of many shifts. Bake its implications into security strategy.

Build collective defense

Attackers crowdsource tools as syndicates; coalitions beat teams. Engage ISACs, CERTs, and sector groups to share intel, coordinate response, and produce sector-specific guidance.

References