ComputerWeekly

The truth about Claude Mythos is less dramatic than it seems


The cyber security industry is no stranger to big claims. Every major technology shift arrives with two familiar promises: that it will change everything, and that anyone slow to adapt will be left dangerously exposed. Frontier AI is now getting the same treatment, and Anthropic’s Claude Mythos preview has quickly been framed as either a breakthrough for cyber defence or a worrying new weapon for attackers.

The truth is less theatrical, but probably more important.

Claude Mythos is not unsettling because it behaves like some new form of hostile intelligence. It is unsettling because it is useful. And useful technology, at scale, rarely stays neatly on one side of the fence.

Anthropic’s own work, alongside evaluation from the UK AI Security Institute, suggests that Mythos Preview can reason about vulnerabilities, chain attack paths and assist with exploit development beyond what earlier general-purpose models could manage. That does not mean it was simply “trained to hack”. It means that as models get better at reasoning, planning and understanding software, some security outcomes become easier to reach. That distinction matters because this is not a product quirk. It is a direction of travel.

For defenders, the attraction is obvious. Vulnerability discovery, threat modelling and attack simulation are demanding, time-consuming activities. They need scarce skills, good judgement and enough time to do the work properly. Tools like Mythos could help security teams explore scenarios, identify weaknesses and prioritise action more quickly. For CISOs dealing with skills shortages, ageing infrastructure and constant exposure, this is not an abstract debate about the future of AI. It looks like useful help.

The problem is that the same compression of time and expertise applies to attackers too.

Frontier models do not need to invent exotic new attacks to cause trouble. Many organisations are already struggling with the basics: bespoke enterprise applications, legacy integrations, vendor-supplied middleware, exposed services and operational environments that were designed around availability rather than rapid change. If AI helps attackers join together known weaknesses faster than defenders can respond, that alone is enough to shift the risk.

The real issue is speed.

Vulnerability research that once took days or weeks can now be accelerated. That narrows the gap between exposure and exploitation, especially for internet-facing systems or environments that depend heavily on suppliers. In some cases, the window for action may become so small that traditional remediation assumptions no longer hold.

That should worry security leaders. Many organisations still operate on detection and response models built for slower, noisier attackers, with patching cycles measured in weeks, months or quarters. In an AI-accelerated environment, “time to patch” may no longer be a reliable comfort blanket. “Time to assume compromise” may be the more honest starting point.

This is particularly sharp for government, defence and critical national infrastructure. These sectors often run long-lived technology, constrained maintenance windows, complex supplier chains and safety-critical operations where rapid remediation is difficult. The NCSC has already warned that AI is likely to widen the gap between organisations that can keep pace with emerging threats and those that cannot.

There is, of course, a strong defensive argument for Mythos-class systems. Anthropic’s Project Glasswing is built around using frontier models to uncover weaknesses in widely deployed software before attackers find them. That is valuable work. But finding vulnerabilities is not the same as being resilient.

Discovery only helps when organisations have the governance, engineering capacity and decision-making routes to act on what they find. They still need to triage, prioritise, remediate, test, deploy and monitor fixes. Otherwise AI simply increases the rate at which problems are discovered, while the backlog grows even faster behind it.

For CISOs, the question is not simply whether frontier AI should be used. It is whether the organisation’s operating model can cope with the world it creates.

Three areas deserve attention.

First, the fundamentals become harder to dodge. Asset visibility, configuration management, identity hygiene, logging, access control and patch discipline are not old-fashioned concerns. They are the foundations that stop AI-amplified discovery becoming AI-amplified compromise.

Second, access to frontier models needs proper governance. This is not just a tooling decision for enthusiastic technical teams. Organisations need to know who is using these systems, for what purpose, with what data, and under which controls. Prompt histories containing architectural detail, security assumptions, vulnerability information or supplier dependencies should not be treated as throwaway artefacts. They may become future risk records.

Third, AI-assisted vulnerability discovery should be treated as normal, not exceptional. That means rehearsed response routes, shorter exposure assumptions and decision-making that can move quickly without descending into chaos. Perfect information will rarely arrive in time. Good governance has to support timely action, not become a theatre of delay.

So, is Claude Mythos a clear and present danger?

Not in the cinematic sense. There is no need to imagine an autonomous adversary plotting systemic collapse. The more practical concern is that Mythos is an accelerant, and security has always struggled when the pace changes faster than the operating model.

The real risk is not that organisations use frontier AI. The risk is that they use it without confronting what it reveals about their own fragility.

For organisations with strong governance, disciplined engineering, clear accountability and a realistic risk appetite, models like Mythos may become genuinely useful. For those still relying on partial visibility, slow remediation and optimistic assumptions, they may simply hold up a mirror. And make it much harder to look away.


