Here's What Anthropic's Mythos Means for the Future of Cybersecurity

Jorge Monteiro, CEO, Ethiack

April 20, 2026

On April 7th, 2026, Anthropic announced the Claude Mythos Preview alongside Project Glasswing. The reaction in the security community was immediate: CISOs called emergency meetings, boards demanded briefings, and ZeroDayClock.com became the most-shared link in infosec circles overnight.

But for those of us working on the cutting edge of AI-driven offensive security, the reaction was different. We already knew what AI was capable of; we've been watching it for months. We were just happy that everyone finally believed it.

This post is an attempt to explain what actually happened with Mythos' release, why it matters, and what we should do about it.

Mythos Didn't Come Out of Nowhere

One of the most damaging misconceptions circulating right now is that AI-driven vulnerability discovery is a 2026 phenomenon. It isn't. The trajectory has been visible for at least a year. Most security leaders missed it because the signals were scattered across research blogs, academic conferences, and various startups.

Here's a brief timeline of the key highlights in AI-driven offensive cybersecurity so far. The timeline is drawn from the Cloud Security Alliance and SANS' April 2026 strategy briefing:

  • June 2025: XBOW became #1 on HackerOne's US leaderboard, the first autonomous system to outrank every human hacker on the platform.
  • August 2025: Google's Big Sleep discovered 20 real-world zero-days autonomously across open-source projects including FFmpeg and ImageMagick. In the same month, DARPA's AI Cyber Challenge (AIxCC) finals at DEF CON 33 found 54 vulnerabilities in four hours of compute across 54 million lines of code.
  • September 2025: Heather Adkins (CISO, Google) and Gadi Evron (CEO, Knostic) published a warning that attackers were racing toward a "singularity moment," with autonomous vulnerability discovery and exploitation roughly six months away.
  • November 2025: Anthropic disclosed that a Chinese state-sponsored group (GTG-1002) had used Claude Code to autonomously run full attack chains, from reconnaissance through exfiltration, across approximately 30 global targets spanning technology, chemicals, finance, and government sectors. Anthropic estimated 80-90% of the campaign was AI-automated.
  • February 2026: Anthropic, using Claude Opus 4.6, reported more than 500 high-severity vulnerabilities in open-source software. AISLE found 12 OpenSSL zero-days, including a CVSS 9.8 flaw with roots reaching back to 1998. Sysdig documented an AI-based attack that reached admin-level access in eight minutes.

In other words: Mythos is the most visible step in a trajectory that was already well underway.

What Makes Mythos Different

Mythos is notable because of how it finds vulnerabilities. According to Anthropic's own Mythos Preview technical disclosure, three capabilities distinguish it from prior models:

  • Exploits without scaffolding. Earlier AI systems often needed elaborate agent frameworks, custom tooling, and hand-tuned prompts to produce working exploits reliably. Mythos needs far less of this. In internal testing on Firefox's JavaScript engine, Mythos achieved a 72.4% exploit success rate, compared to Claude Opus 4.6's 14.4% under the same conditions. In raw terms, this translated to 181 working exploits versus 2, with an additional 29 attempts that achieved register control.
  • Chained vulnerabilities. Real-world attacks rarely rely on a single vulnerability. Mythos has the ability to chain multiple primitives (e.g., a memory leak to bypass ASLR, a use-after-free for code execution, a kernel flaw for privilege escalation) into a single exploit path. This matters because with previous models, chaining was the part of exploit development that required the most human expertise.
  • One-shot capability. Mythos accomplishes substantially more from a single prompt than prior models, without elaborate scaffolding or agent configuration. This collapses the skill floor required to operate it, which is the single most important factor in how quickly these capabilities proliferate, and presumably the main reason why Anthropic hasn't released it to the public.

Another important point is the economics of vulnerability research. Anthropic reported that Mythos found a 27-year-old vulnerability in OpenBSD's SACK implementation for under $50 per discovery run. That's not a typo.

The Exploitation Window

ZeroDayClock.com tracks median Time-to-Exploit (TTE) across thousands of CVE-exploit pairs sourced from CISA KEV, VulnCheck KEV, and ExploitDB. The long-run trend is insane and scary:

  • 2018: median TTE of approximately 2.1 years
  • 2021: 10.8 months
  • 2024: 23.2 days
  • 2026: projected to under one day

To make things worse, the share of exploited CVEs that were zero-days (i.e., exploited before patches existed) has risen from roughly 16% in 2018 to 67% in 2026. Put plainly, most of what gets exploited today is being exploited before the defender community even knows it exists.

Project Glasswing: Industry Response, and Its Limits

Anthropic's response to Mythos' capabilities was Project Glasswing, a coordinated disclosure program providing over 40 partner organizations (critical infrastructure providers, major vendors, and open-source maintainers) early access to Mythos so they could identify and patch vulnerabilities in their own products before public disclosure. Anthropic has committed $100M in usage credits and over $4M in direct donations to open-source security projects.

Glasswing is a credible and important piece of industry infrastructure. Unfortunately, it's also limited.

The world's exploitable attack surface is much larger than any curated partner program could possibly cover. The majority of organizations that build, ship, or operate critical software will not be covered by Glasswing. And the defensive advantage conferred by early access is inherently time-limited: the CSA/SANS briefing estimates comparable offensive capabilities will emerge in other frontier models within months, and in open-weight models within six months to a year.

In other words, Glasswing buys a bit of time for a handful of organizations. What are the rest of us supposed to do?

Traditional Defenses Are Becoming Useless

Quarterly penetration tests and static defenses were built for a world in which exploit development was slow, expensive, and required rare human expertise. All of these assumptions are now dead.

The CVE system may not scale. The CVE/NVD infrastructure was designed for dozens of critical vulnerabilities per month, not hundreds. Linux kernel bug reports have already climbed from 2 to 10 per week, and the curl project, which famously discontinued its bug bounty over AI-generated "slop" reports, now reports that an increasing share of submissions are quality AI-supported findings.

Most enterprise risk models are built on pre-AI assumptions about patch windows, exploit scarcity, and incident frequency. This is now an incredibly dangerous way to operate. When median TTE was 10 months, those assumptions might have been reasonable, but median TTE is now less than 1 day.

So what can we do about it?

The Answer: Continuous, Autonomous Offensive Security

What we need is a Mythos-ready defensive posture. CSA/SANS touches on this, stating that we need to combine:

  • Full attack surface visibility
  • Scale
  • Agentic AI depth
  • Human hacker intelligence
  • Guardrails and control
  • Continuous operation

This is what we built at Ethiack, and we built it years before Mythos made the threat model obvious. Ethiack is an autonomous offensive security platform that continuously tests and validates vulnerability exploitation across entire attack surfaces using agentic AI pentesting and hacker intelligence.

"VulnOps"

There is a useful new term worth adopting. The CSA/SANS briefing introduces "VulnOps": a permanent, staffed-and-automated function for continuous vulnerability research and remediation, analogous to DevOps but for the security estate. VulnOps owns continuous discovery of zero-days across your entire software footprint (your own code and third-party dependencies) and establishes automated remediation pipelines.

Most organizations don't have this yet.

The Human Cost

It would be irresponsible to write about this transition without naming the human implications. Security teams are being asked to absorb an exponential increase in workload, the cognitive cost of integrating AI into their own workflows, and a cultural shift in which every security role is becoming an "AI builder" role, often without corresponding investment in headcount, tooling, or wellbeing.

The CSA/SANS briefing is crystal clear about this, stating that burnout in security functions represents a "direct operational risk", because the expertise needed to navigate this transition takes years to develop and is not replaceable on short timescales. Team resilience, sustainable workload, mental health support, and retention really need to be treated with the same strategic urgency as the technical controls.

Are we doomed?

I'll leave you with one important thought. The takeaway from the Mythos announcement shouldn't be about Mythos. The takeaway is that time-to-exploitation keeps getting shorter. Your organization needs to be able to respond to threats faster than ever before. Whether we're doomed or not is a matter of speed.

Ethiack is an autonomous offensive security platform that continuously tests and validates vulnerability exploitation across entire attack surfaces using agentic AI pentesting and hacker intelligence, so security teams fix what matters before attackers strike. European-born, sovereign. Already protecting governments, critical infrastructure, and top-tier enterprises worldwide. Learn more at ethiack.com.
