Welcome to Unlocked
For years, the cybersecurity industry has operated on a quiet assumption: AI is a tool. Attackers use it to write better phishing emails. Defenders use it to triage alerts faster. Either way, a human is still in the loop — deciding what to probe, what to exploit, what to do next.
Three weeks ago, that assumption broke.
On April 7th, Anthropic announced Claude Mythos Preview — an AI model so capable at finding and weaponizing software vulnerabilities that the company decided the world couldn't have it. Not yet, maybe not ever. Instead, access is restricted to roughly 50 organizations under a tightly controlled initiative called Project Glasswing.
Here's what that decision tells us — and what it means for the access layer you're trying to protect.
What Mythos Actually Did
The numbers in Anthropic's announcement are worth reading slowly.
Mythos found thousands of zero-day vulnerabilities across every major operating system and web browser — including a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg that human researchers had missed for over a decade.
But finding vulnerabilities isn't the leap. Security researchers and automated scanners have been finding vulnerabilities for years. The leap is what happened next.
Anthropic's previous flagship model attempted to turn a set of Firefox vulnerabilities into working JavaScript exploits. It succeeded twice out of several hundred attempts.
Mythos ran the same experiment. It produced 181 working exploits.
That isn't an incremental improvement. That's a different category of capability. And Anthropic's own engineers — people with no formal security training — were able to ask Mythos to find remote code execution vulnerabilities, go to sleep, and wake up the next morning to a complete, working exploit. No expertise required. No human in the loop during the actual attack development.
This is the moment the industry has been quietly dreading: AI that doesn't just assist attackers, but autonomously becomes one.
The Numbers
181 working Firefox exploits developed by Mythos vs. 2 by the previous model
27 years — the age of the OpenBSD bug Mythos found and exploited autonomously
99% of the vulnerabilities Mythos discovered have not yet been patched — too many to disclose safely
~50 organizations have access to Mythos through Project Glasswing, including Microsoft, Apple, AWS, and CrowdStrike
$100M in usage credits Anthropic committed to help those organizations patch critical software first
Why This Is an Access Story
The instinct when reading about Mythos is to file it under "AI research" or "vulnerability disclosure." But that framing misses the more important question for anyone responsible for access and identity.
The perimeter model of security — the idea that you build a wall, keep attackers out, and protect what's inside — was already under pressure. Zero trust emerged because the perimeter kept failing: credentials got stolen, VPNs became attack surfaces, contractors and cloud services blurred the boundary between inside and outside.
Mythos doesn't just put more pressure on that model. It changes the math entirely.
Traditional vulnerability discovery is slow. Human red teamers and automated scanners find issues over days or weeks. That gap — between when a vulnerability exists and when it gets found and weaponized — is the window defenders have to patch. It's always been uncomfortably narrow. With Mythos-class AI, it collapses.
An attacker with access to equivalent capability doesn't need to find the front door. They can systematically scan every window, every lock, every hinge in your environment overnight — and arrive in the morning with a complete key.
What that means for the access layer specifically: every unpatched system in your environment is now a faster-moving risk than it was 30 days ago. As we covered when Patch Tuesday hit 163 CVEs in a single release, the patching pipeline was already struggling to keep up. Mythos makes that problem structural.
The Bigger Picture: The Defender's Dilemma
There's a harder question underneath the Mythos announcement, and it's one that Anthropic's own decision raises directly.
Project Glasswing gives Microsoft, Apple, AWS, CrowdStrike, and a handful of other large organizations early access to use Mythos defensively — to find and patch vulnerabilities before attackers do. That's the right instinct.
But the 50 organizations in Project Glasswing are already the best-defended in the world. The organizations that most need help — mid-market businesses, healthcare providers, regional banks, manufacturers running legacy infrastructure — aren't in the room. As we explored in The $20 Billion Login, the attackers targeting those organizations are already using AI to scale their operations. The defense side is now catching up — but not for everyone at once.
And adversaries won't wait. State-sponsored groups and criminal organizations are building equivalent tools without safety guidelines. When they do, they won't restrict access to 50 partners. They'll use it against everyone — including the organizations that never got a seat at the table.
What This Means for Identity and Access
Here's the piece that often gets lost in the Mythos coverage: this isn't just a patching problem. It's an identity problem.
When an AI can autonomously develop a working exploit overnight, the attack doesn't stop at the vulnerability. It continues through whatever identity and access controls sit between the attacker and the data they want. A vulnerability is the door. Identity is what's on the other side.
Least-privilege access, network segmentation, and strong authentication don't prevent an AI from finding a way in — but they determine how much damage it can do once it's there. As we covered in The Contractor Access Gap, third-party identities and overpermissioned accounts are consistently the highest-value targets once an initial foothold is established. That dynamic doesn't change with Mythos — it accelerates.
The access layer is your last meaningful line of defense when the perimeter fails faster than you can patch it.
The Unlocked Insight: Speed Is the New Vulnerability
The security practices that matter most right now aren't the complex ones. They're the basic ones, executed with urgency.
Mythos is exceptionally capable at finding vulnerabilities in widely-used, well-documented software β major operating systems, browsers, common open-source projects. That's also where most organizations' unpatched exposure lives.
Three shifts that matter right now:
Treat patch velocity as a first-order metric. The window between vulnerability disclosure and exploitation is shrinking. If your patching cycle runs monthly by default, that default needs to be questioned — especially for internet-facing systems and identity infrastructure. Organizations running quarterly patch cycles are now operating in a different threat environment than the one those cycles were designed for. CISA's Known Exploited Vulnerabilities catalog is the fastest signal you have — prioritize it over CVSS scores alone.
Prioritize access controls over perimeter assumptions. If an attacker can autonomously find a way in, the question becomes: what can they reach once they're there? Least-privilege access, segmentation, and strong identity controls don't prevent every intrusion — but they limit what a successful intrusion can actually touch. The access layer is your last meaningful line of defense when the perimeter fails.
Audit your legacy systems before an AI does it for you. Mythos found a 27-year-old bug in OpenBSD. Most organizations have infrastructure that's older than their current security team. If your environment includes systems that haven't been reviewed in years — older embedded systems, bespoke internal software, legacy authentication infrastructure — assume they carry vulnerabilities that automated tools will eventually find. Find them first.
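To make the first shift concrete, here is an added example (not from the newsletter, and not tooling from Everykey or CISA) of what "KEV first, then CVSS, with a patch clock that tightens for exposed and identity systems" looks like as a ranking rule. Everything in it is constructed: the `KEV_SAMPLE` set stands in for the CISA Known Exploited Vulnerabilities catalog that you would normally fetch as JSON from cisa.gov, the CVE ids are placeholders rather than real identifiers, and the hosts, dates and SLA day-counts are illustrative policy values you would replace with your own.

```python
"""Added example: KEV-first patch prioritisation with SLA tracking.

Constructed data only. KEV_SAMPLE stands in for CISA's Known Exploited
Vulnerabilities catalog; the CVE ids, hosts, dates and SLA values are
placeholders, not real findings.
"""
from dataclasses import dataclass
from datetime import date
from typing import Iterable

# Constructed "today", roughly three weeks after the April 7th announcement.
TODAY = date(2026, 4, 28)

# Constructed patch SLAs in days: a short clock for anything CISA already lists
# as exploited, a middle tier for high-severity issues on internet-facing or
# identity systems, and the monthly default the article says needs questioning.
SLA_DAYS = {"kev": 7, "exposed_high": 14, "default": 30}

# Stand-in for the KEV catalog (placeholder ids, not real CVEs).
KEV_SAMPLE = {"CVE-0000-1001", "CVE-0000-1004"}


@dataclass(frozen=True)
class Finding:
    host: str
    cve: str
    cvss: float
    internet_facing: bool
    identity_infra: bool
    disclosed: date  # date the vulnerability became public


# Constructed scanner output.
FINDINGS = [
    Finding("vpn-gw-01", "CVE-0000-1001", 6.5, True, False, date(2026, 4, 20)),
    Finding("idp-01", "CVE-0000-1002", 9.8, False, True, date(2026, 4, 1)),
    Finding("build-agent-07", "CVE-0000-1003", 9.1, False, False, date(2026, 4, 10)),
    Finding("file-srv-02", "CVE-0000-1004", 4.3, False, False, date(2026, 4, 25)),
    Finding("intranet-wiki", "CVE-0000-1005", 7.5, False, False, date(2026, 3, 15)),
]


def is_exposed(f: Finding) -> bool:
    """Internet-facing hosts and identity infrastructure get the shorter clock."""
    return f.internet_facing or f.identity_infra


def sla_for(f: Finding, kev: set) -> int:
    """Days allowed to patch: KEV membership beats CVSS, exposure beats the default."""
    if f.cve in kev:
        return SLA_DAYS["kev"]
    if is_exposed(f) and f.cvss >= 7.0:
        return SLA_DAYS["exposed_high"]
    return SLA_DAYS["default"]


def priority_key(f: Finding, kev: set) -> tuple:
    """Sort key: known-exploited first, then exposed systems, then CVSS high-to-low, then oldest."""
    return (0 if f.cve in kev else 1, 0 if is_exposed(f) else 1, -f.cvss, f.disclosed)


def prioritize(findings: Iterable[Finding], kev: set) -> list:
    return sorted(findings, key=lambda f: priority_key(f, kev))


def days_open(f: Finding, today: date = TODAY) -> int:
    return (today - f.disclosed).days


def sla_breaches(findings: Iterable[Finding], kev: set, today: date = TODAY) -> list:
    """Findings whose patch clock has already run out."""
    return [f for f in findings if days_open(f, today) > sla_for(f, kev)]


if __name__ == "__main__":
    for f in prioritize(FINDINGS, KEV_SAMPLE):
        tag = "KEV" if f.cve in KEV_SAMPLE else "   "
        print(f"{tag} {f.host:16} {f.cve} cvss={f.cvss:<4} "
              f"open={days_open(f):>2}d sla={sla_for(f, KEV_SAMPLE)}d")
    print("SLA breaches:", [f.host for f in sla_breaches(FINDINGS, KEV_SAMPLE)])
```

Note how the ranking comes out: the CVSS 4.3 file server lands above the CVSS 9.1 build agent because its CVE is in the KEV set, which is exactly the "prioritize it over CVSS scores alone" point, and the identity provider is flagged as a breach after 27 days even though a monthly cycle would still call it on time.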
Unlocked Tip of the Week
Ask your team this week: "If an attacker ran an autonomous vulnerability scanner against our environment overnight, what would they find by morning — and how long would it take us to patch it?"
If the honest answer involves months of patch queues, legacy systems with no clear owner, or access controls that rely on perimeter assumptions rather than identity verification, that's the gap to close. Not because Mythos is coming for you specifically — but because the capability it represents will eventually be available to people who are.
Poll of the Week
What's your organization's biggest exposure in a world of AI-speed exploitation?
Final Takeaway
Anthropic built something so capable at finding and exploiting software vulnerabilities that they decided the world couldn't have it.
That decision is worth taking seriously — not as a reason to panic, but as a forcing function. The threat environment changed on April 7th. The organizations that respond by tightening their access controls, accelerating their patch velocity, and auditing their legacy exposure now will be in a different position than the ones that wait for the capability to become widely available.
The key to the kingdom has always existed. Now there's an AI that can find it overnight.
Stay ready. Stay resilient.
Until next time,
Meet Alex Rivera — Security Platform Engineer
Alex is a Security Platform Engineer at Everykey with a deep focus on identity architecture and the technical nuances of modern authentication. Alex is passionate about building infrastructure that balances robust security with seamless user experiences. His work explores the "Authentication Paradox" — the idea that as security measures get stronger, they can sometimes create new, invisible vulnerabilities if not implemented with a platform-wide perspective. Alex focuses on making sure the systems we trust are actually worth trusting.
Our Sponsor
Gladly Connect Live '26. May 4–6 in Atlanta.
AI has everyone talking. Not everyone has answers. At Gladly Connect Live, CX leaders from Condé Nast, Smith Optics, and more share exactly how they moved AI from pilot to production: the timeline, the systems, the QA loops. 13+ sessions built for the moment we're all in. For CX and ecommerce leaders. Atlanta, May 4–6. Space is limited; secure your spot now.