A developer's take on what this means for teams that aren't big tech such as Amazon, Apple or Microsoft
Last week Anthropic did something that hasn't happened in commercial AI before. They built their most powerful model and chose not to release it publicly. The reason, ironically, wasn't a lack of demand. They genuinely believed the model's cybersecurity capabilities were too significant to release without a structured plan around them.
In a few weeks of internal testing, this model, named Claude Mythos, found thousands of zero-day vulnerabilities across every major operating system and browser. Some of these bugs had been sitting undetected for 27 years, surviving millions of automated tests. That doesn't mean the security teams were asleep. Many of these vulnerabilities were simply deprioritised because finding them used to require a very specific kind of expertise, significant time, and a fair bit of luck. With this new model, that bar appears to have dropped considerably.
The response from Anthropic was Project Glasswing: a coordinated defensive coalition giving early access to Mythos to Amazon, Apple, Microsoft, Google, Cisco, CrowdStrike and roughly 40 other organisations. The idea is straightforward. Give defenders enough of a head start to patch critical systems before equivalent AI capabilities reach threat actors. It's a reasonable call, probably the right one, but it's also a call that only helps you if you're already part of it.
The reality is most organisations aren't, and that's not a criticism of how Anthropic handled this. It's genuinely the most responsible approach given the circumstances. The conversation about what that means in practice has been pretty thin so far.
The bit about AI that keeps getting left out
Before getting into the risk side of this, I want to say something that I think matters a lot and tends to get lost when people write about AI and cybersecurity: AI works both ways here.
The same capability that makes Mythos useful for finding vulnerabilities makes it useful for fixing them. This includes AI-assisted code review, automated patch generation, faster security testing across large codebases. These aren't theoretical. Teams already building AI into their dev workflows can move faster on remediation than was possible even a year ago. That's a meaningful shift in the defender's favour. Although Mythos isn't available to us yet, all of this can, to some extent, be implemented right now with models that are publicly accessible.
So this isn't a story about AI making things worse and humans scrambling to keep up. It's more nuanced than that. The teams that will be in the best position aren't necessarily the biggest ones. They're the ones that have actually made AI part of how they work, not something they're planning to integrate eventually.
That distinction matters a lot for what comes next. Anthropic's own red team makes an interesting historical comparison here. When software fuzzers were first deployed at scale, the concern was that attackers would benefit more than defenders. They did, initially. But fuzzers eventually became a critical part of the defensive ecosystem. Anthropic believes the same trajectory will play out with AI models, with defenders getting more out of these tools over time.
The honest caveat though, and this comes from open source maintainers actually working with these models, is that AI is currently better at finding vulnerabilities than fixing them. Human judgement is still very much in the loop. What AI does is compress the time it takes to get there.
The other thing worth knowing is that the setup is simpler than most teams assume. Anthropic's own scaffold for this is straightforward: spin up an isolated container with your codebase, point Claude Code at it, give it a plain prompt. The isolation is not optional. The agent is reading and running against your code, so the container should carry no production credentials and no network access it doesn't need. Non-security engineers were doing this overnight and reviewing results the next morning. The barrier to starting is lower than it looks. The gap is not in tooling, it's in whether your team has actually tried it.
Strategy and readiness are not the same thing
Here's what I keep coming back to when I think about how mid-sized organisations are responding to this. Most teams that take security seriously have some version of a strategy. They know they should be doing vulnerability scanning and they recognise that patching matters. They know open source dependencies need monitoring. The strategy isn't usually the problem; readiness is a different question altogether.
Readiness is whether your team can actually execute on that strategy when something surfaces. It's whether the person or team responsible for security has the time, tooling and organisational backing to move quickly. It's whether your deployment pipeline allows you to ship a patch in hours rather than going through a two-week release cycle. It's whether your engineers have used AI in a real remediation workflow before, or whether it's still something they're thinking about trying.
A lot of organisations that would describe themselves as security-aware are not actually ready. And the gap between those two things is where real damage tends to happen.
The numbers from before Mythos already make the point. The average breach takes 204 days to identify. Attacker breakout time, the time from initial access to lateral movement across a network, fell to 29 minutes in 2025, a 65% drop in a single year.
Less than 1% of the vulnerabilities Mythos found have been patched so far, in an environment with some of the most resourced technology organisations on the planet involved. The readiness gap isn't hypothetical and it is already visible in the data.
The organisations this most directly affects
"Mid-sized organisations" is a vague category, so let me be more specific about who I think is most exposed here and why.
Mid-tier hosting providers running shared infrastructure for hundreds of SMB tenants are a particular concern. These are typically small security teams managing significant infrastructure. One unpatched vulnerability doesn't expose one company, it exposes every tenant on that infrastructure simultaneously. Their clients are making security assumptions about the platform they're running on, often without knowing what those assumptions actually are. Cloud hosting providers that haven't had a proper audit recently are sitting on a supply chain risk they may not have fully mapped.
NBFCs (non-banking financial companies) and smaller financial institutions sit in a difficult position. Regulated enough to hold genuinely sensitive financial data, but generally under-resourced relative to the compliance expectations placed on them. They're attractive targets precisely because the payoff is real but the defences are softer than at larger institutions. Fraud losses in financial services are heading toward $40 billion by 2027 and NBFCs are disproportionately exposed in that figure.
State government and municipal systems are carrying a different kind of risk. Legacy infrastructure, procurement that moves at policy speed, citizen data that is politically sensitive and practically valuable. These systems often have vulnerabilities that have been known internally for years but haven't been addressed because the process required to address them is slow and underfunded. The tools to scan for known vulnerabilities already exist at a basic level. What Mythos represents is a significant step up in what becomes possible with moderate technical knowledge, and that capability will not stay contained to a coalition of forty organisations indefinitely.
Education institutions are consistently among the most attacked sectors and among the least resourced to respond. Student records, research IP, federated IT across departments with no unified security posture. Most don't have a dedicated security function. They're heavily dependent on open source tooling and the volunteer maintainers behind it.
Vertical SaaS platforms serving any of these sectors are the multiplier in this picture. A platform built for NBFCs, or school districts, or municipal bodies doesn't represent one attack surface. It represents all of its clients at once. A single breach cascades. These platforms often carry technical debt because the selling point was domain expertise rather than engineering rigour, and they're not in Glasswing either.
What readiness actually looks like right now
I want to be careful not to add another list of security best practices that nobody implements. What I'm more interested in is the readiness question specifically, because I think it's more honest about where most teams actually are.
Being ready means your team has used AI in an actual remediation workflow, not just talked about it. There's a meaningful difference between an engineering team that has shipped an AI-assisted patch and one that has AI tools installed but defaults to existing processes when something urgent comes up. The former will be faster when it matters. Getting there requires doing it before you need to, which is the part most teams skip.
Being ready means knowing your actual remediation velocity, not your intended one. How long does it genuinely take from "vulnerability identified" to "patched in production" in your organisation? Not in theory, not if everything goes well. In practice, including the approval cycles, the deployment process, the communication overhead. If that number is measured in weeks rather than days, that's the thing to fix first.
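Here is one way to get that number from data rather than from memory, as an added example for this post (not Anthropic's or Glasswing's code). It takes an export of vulnerability tickets with identified, approved and deployed timestamps (field names are an assumption about what your tracker produces; the records are constructed), and reports median and p90 time-to-production for critical and high items, how many are still open, and whether approval or deployment is where the time goes. Open items are measured up to "now" so they keep counting against you rather than dropping out of the average.

```python
"""Measure actual remediation velocity from vulnerability-ticket timestamps.

Added example for this post, not from Anthropic, Glasswing or any tracker
vendor. The ticket records are constructed and the field names
(identified, approved, deployed) are assumptions about what your issue
tracker exports.
"""
import math
from datetime import datetime
from statistics import median

# Constructed sample export: one record per vulnerability, timestamps in
# UTC. 'approved' or 'deployed' is None while that stage is still pending.
TICKETS = [
    {"id": "VULN-101", "severity": "critical",
     "identified": "2026-03-02T09:00:00", "approved": "2026-03-02T15:00:00",
     "deployed": "2026-03-03T11:00:00"},
    {"id": "VULN-102", "severity": "high",
     "identified": "2026-02-10T10:00:00", "approved": "2026-02-17T16:00:00",
     "deployed": "2026-03-01T12:00:00"},
    {"id": "VULN-103", "severity": "high",
     "identified": "2026-01-20T08:30:00", "approved": "2026-02-03T09:00:00",
     "deployed": "2026-02-24T09:00:00"},
    {"id": "VULN-104", "severity": "critical",
     "identified": "2026-03-20T14:00:00", "approved": "2026-03-27T10:00:00",
     "deployed": None},
    {"id": "VULN-105", "severity": "medium",
     "identified": "2026-02-01T12:00:00", "approved": "2026-02-15T12:00:00",
     "deployed": "2026-03-10T12:00:00"},
]

# The "as of" instant for the constructed data above.
NOW = datetime.fromisoformat("2026-04-01T00:00:00")
HOURS_PER_DAY = 24.0


def _parse(ts):
    return datetime.fromisoformat(ts) if ts else None


def stage_hours(ticket, now):
    """Hours spent waiting for approval, then waiting for deployment.

    Stages still open are measured up to `now`, so an unpatched item keeps
    dragging the numbers down instead of disappearing from them.
    """
    identified = _parse(ticket["identified"])
    approved = _parse(ticket["approved"]) or now
    deployed = _parse(ticket["deployed"]) or now
    approval_h = (approved - identified).total_seconds() / 3600
    deploy_h = (deployed - approved).total_seconds() / 3600
    return approval_h, deploy_h


def velocity_report(tickets, now, severities=("critical", "high")):
    """Median and p90 identified->deployed time in days for the chosen
    severities, how many are still open, and which stage dominates."""
    totals, approval_total, deploy_total, open_count = [], 0.0, 0.0, 0
    for t in tickets:
        if t["severity"] not in severities:
            continue
        a, d = stage_hours(t, now)
        totals.append(a + d)
        approval_total += a
        deploy_total += d
        if t["deployed"] is None:
            open_count += 1
    if not totals:
        return None
    totals.sort()
    # Nearest-rank p90: the value below which 90% of tickets fall.
    p90 = totals[math.ceil(0.9 * len(totals)) - 1]
    return {
        "count": len(totals),
        "open": open_count,
        "median_days": median(totals) / HOURS_PER_DAY,
        "p90_days": p90 / HOURS_PER_DAY,
        "bottleneck": "approval" if approval_total > deploy_total else "deployment",
    }


if __name__ == "__main__":
    report = velocity_report(TICKETS, NOW)
    print(f"{report['count']} critical/high tickets, {report['open']} still open")
    print(f"median {report['median_days']:.1f} days, p90 {report['p90_days']:.1f} days")
    print(f"most time is lost in: {report['bottleneck']}")
```

On the constructed data the median is over two weeks and the p90 over a month, with deployment rather than approval eating most of the time. That is the kind of answer that tells you which part of the pipeline to fix first; run it against your real export and compare.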
Being ready means your open source dependency chain has been looked at recently. Project Glasswing is specifically targeting open source because it constitutes the majority of code in modern systems and the maintainers have historically operated without security teams. Anthropic has committed $4 million directly to open source security organisations as part of this. Your stack most likely has open source dependencies. Understanding which ones and how actively maintained they are is a basic piece of situational awareness that has to be prioritised.
Being ready means going back to your vulnerability backlog with a different question. Not "is this exploitable by a skilled attacker with significant time?" but "how quickly could an AI-assisted workflow surface and act on this?" Some items that looked genuinely low priority under the old reasoning look different when you update the threat model.
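To make that re-triage concrete, here is an added, illustrative example (not Anthropic's and not any published scoring system such as CVSS; the weights, buckets and backlog items are all assumptions). It scores each backlog item twice: once under the old reasoning, where "high exploit complexity" heavily discounts priority because the attacker needs rare expertise and time, and once under the updated model, where that discount mostly disappears. The output is the list of items whose bucket rises, which is the list you actually need to go and look at.

```python
"""Re-score a vulnerability backlog under an AI-assisted attacker model.

Added example for this post, illustrative only: the weights and buckets
are assumptions, not CVSS or any published scoring system, and the
backlog items are constructed.
"""

# Constructed backlog. 'complexity' is how much expertise and time
# exploitation was judged to need when the item was first triaged.
BACKLOG = [
    {"id": "BL-1", "exposure": "internet", "data": "sensitive", "complexity": "high",
     "note": "custom parser in the upload service, no known exploit"},
    {"id": "BL-2", "exposure": "internet", "data": "sensitive", "complexity": "low",
     "note": "outdated framework with public advisory"},
    {"id": "BL-3", "exposure": "internet", "data": "low", "complexity": "high",
     "note": "race condition in a marketing microsite"},
    {"id": "BL-4", "exposure": "internal", "data": "low", "complexity": "high",
     "note": "memory bug in an internal build tool"},
]

EXPOSURE_WEIGHT = {"internet": 3, "internal": 1}
DATA_WEIGHT = {"sensitive": 3, "low": 1}

# How much a 'high complexity' finding is discounted under each model.
# skilled-human: a capable attacker with significant time is rare, so the
# discount is steep. ai-assisted: the expertise and time are compressed,
# so most of the discount goes away. Both factors are assumed values.
COMPLEXITY_DISCOUNT = {
    "skilled-human": {"high": 0.25, "low": 1.0},
    "ai-assisted": {"high": 0.8, "low": 1.0},
}

BUCKET_ORDER = ["low", "medium", "high"]


def score(item, model):
    """Impact (exposure + data) scaled by how plausible exploitation is."""
    impact = EXPOSURE_WEIGHT[item["exposure"]] + DATA_WEIGHT[item["data"]]
    return impact * COMPLEXITY_DISCOUNT[model][item["complexity"]]


def bucket(value):
    if value >= 4:
        return "high"
    if value >= 2:
        return "medium"
    return "low"


def retriage(backlog):
    """Items whose bucket rises when the complexity discount is
    re-evaluated, highest new score first, with old and new bucket."""
    moved = []
    for item in backlog:
        old = bucket(score(item, "skilled-human"))
        new_score = score(item, "ai-assisted")
        new = bucket(new_score)
        if BUCKET_ORDER.index(new) > BUCKET_ORDER.index(old):
            moved.append({"id": item["id"], "old": old, "new": new,
                          "score": new_score, "note": item["note"]})
    moved.sort(key=lambda m: m["score"], reverse=True)
    return moved


if __name__ == "__main__":
    for m in retriage(BACKLOG):
        print(f"{m['id']}: {m['old']} -> {m['new']}  ({m['note']})")
```

On the constructed backlog, the internet-facing parser that was parked as "low" because nobody expected an attacker to invest the effort jumps straight to "high", the marketing-site race condition moves to "medium", and the internal build tool stays where it was. The item that already had a public advisory doesn't move at all; it was never the one the old reasoning was hiding.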
And being ready means watching what comes out of Glasswing publicly. Anthropic has committed to a 90-day report covering what they found, what got fixed, and how security practices should evolve. For teams without direct Mythos access, that's going to be one of the most practically useful documents to come out of this. It's worth knowing when it drops and actually reading it.
Where things actually stand
Project Glasswing is genuinely well-intentioned and probably the right call given the circumstances. The mandatory knowledge sharing, the open source security funding, the structured rollout rather than a public release seem to be real commitments and they'll matter over time.
But good intentions at the frontier take time to reach everyone. The benefits of Glasswing will filter down over time, through shared findings, vendor advisories and open source patches. But there's an inherent lag in that process. And for teams already running lean, that lag is exactly where the risk lives.
The capability gap between Glasswing participants and broader accessibility of similar AI tools is estimated at around 12 to 18 months. That's not nothing, but it's also not as much breathing room as it sounds if your current remediation cycle runs in quarters and your team hasn't actually run an AI-assisted security workflow before.
Mythos didn't create the vulnerabilities that have been sitting in critical software for decades. It just found them. The 27-year-old OpenBSD bug was always there. The 16-year-old FFmpeg vulnerability survived five million automated tests before Mythos came along. The items in the backlog that got deprioritised were always a risk. What changed is the cost and speed of surfacing them.
The question worth asking right now isn't whether your team has a security strategy. It's whether your team is ready to execute one at the speed this environment now demands. Those are genuinely different things, and if you're being honest about where your team actually is, there is a good chance you'll find a gap.
Closing that gap is the work. AI is one of the better tools available for doing it, on both sides of the problem.
Written in April 2026 after the Anthropic Mythos Preview and Project Glasswing announcement. Data referenced from CrowdStrike 2026 Global Threat Report, IBM Cost of a Data Breach 2025, Verizon DBIR 2025 and Anthropic's Project Glasswing technical documentation.