
The Mythos Discovery: What It Means for Vulnerability Disclosure
AI just broke vulnerability disclosure at scale. Earlier this month, Anthropic’s Claude Mythos Preview AI model discovered 27-year-old bugs that survived decades of human review. Now the industry’s top security leaders are calling it a watershed moment. Here’s what software vendors need to know.
What Happened
On April 7, 2026, Anthropic announced something that got everyone’s attention: their Claude Mythos Preview AI model autonomously discovered thousands of vulnerabilities across every major operating system and browser.
The numbers tell the story:
- 27-year-old bugs – vulnerabilities in OpenBSD that survived decades of human review
- 99% still unpatched – not because the fixes are hard, but because disclosure can’t keep pace
- 72% exploit success rate – Mythos generated 181 working Firefox exploits
- Complex chains – multi-hop exploits requiring several vulnerabilities chained together
Anthropic immediately launched Project Glasswing – a $100 million consortium with AWS, Apple, Microsoft, Google, and JPMorgan Chase – just to coordinate disclosure.
Ten days later, the Cloud Security Alliance, SANS Institute, and over 100 CISOs from organizations like Google, Microsoft, CISA, and the NSA published emergency guidance titled “The AI Vulnerability Storm: Building a ‘Mythos-ready’ Security Program.”
The industry’s top security leaders are treating this as a watershed moment.
They’re right.
What Makes Mythos Different
This isn’t the first AI to find vulnerabilities. Google’s Big Sleep, XBOW, and others have been at it since mid-2025.
But Mythos represents a capability jump:
No scaffolding required.
Previous tools needed elaborate agent frameworks and human configuration. According to Anthropic, Mythos works with a prompt that essentially amounts to “Please find a security vulnerability in this program.”
Complex exploit chains.
It identifies multi-step vulnerabilities that chain several separate flaws together – the kind humans struggle to find.
One-shot exploitation.
181 working Firefox exploits compared to Claude Opus 4.6’s 2 successes under identical conditions.
But here’s the critical point from the CSA report:
“Mythos is likely one of many changes coming to cybersecurity risk. If not already underway, seriously consider incorporating Mythos and its implications into your strategy.”
This isn’t a one-time event. It’s the first wave.
Why This Matters for Vendors
The time to exploitation has collapsed.
The CSA document includes the “Zero Day Clock” – a visualization showing exploitation timelines dropping from weeks in 2020 to hours in 2026.
When Sergej Epp (CISO, Sysdig) and colleagues published this data in March, time-to-exploit was already under 24 hours. Mythos accelerates that further.
For vendors, three assumptions just broke:
Assumption 1: Coordinated disclosure timelines work
The 90-day disclosure window assumes manual discovery and human-paced response. When AI finds thousands of bugs simultaneously, that model fails.
Assumption 2: You’ll know if you’re affected
Mythos analyzed open-source libraries and common dependencies. If you use standard development tools, vulnerabilities likely exist in your stack right now.
Assumption 3: Your current process can handle the volume
The CSA report is blunt: “Prepare to respond to more incidents. Run tabletop exercises for multiple simultaneous high-severity incidents occurring within the same week.”
Most companies handle 5-10 vulnerability reports annually. They’re about to receive 5-10 simultaneously.
The infrastructure is already feeling the pressure. On April 15 – eight days after the Mythos announcement – NIST announced updates to NVD operations to address record CVE growth. CVE submissions increased 263% between 2020 and 2025. The first three months of 2026 were nearly one-third higher than the same period last year.
NIST enriched nearly 42,000 CVEs in 2025 – 45% more than any prior year – but this increased productivity is not enough to keep up with growing submissions. The National Vulnerability Database is now prioritizing KEV catalog vulnerabilities, federal software, and critical infrastructure. Other CVEs will be enriched as resources allow.
This shift happened before Mythos-discovered vulnerabilities start hitting the CVE stream.
The Regulatory Convergence
This isn’t happening in a vacuum.
Three major regulatory frameworks now require coordinated vulnerability disclosure:
- NIS2 (Europe) – mandatory disclosure processes
- Cyber Resilience Act – product security requirements
- US BOD 20-01 – federal vulnerability handling
The CSA report notes: “When AI can find significantly more vulnerabilities at accessible cost, the standard of what constitutes reasonable defensive effort shifts.”
Boards will face questions about whether they used available AI tools for defensive scanning. Not using them may constitute negligence.
The Hopeful Part (And It’s Real)
Here’s where the CSA guidance gets interesting.
The same AI discovering vulnerabilities can help you find them first. The report explicitly calls for “VulnOps” – a dedicated function using AI agents to continuously audit your own code.
The shift-left opportunity:
Right now we’re experiencing the painful transition – AI discovering decades of accumulated bugs. The disclosure system is overwhelmed.
But the next phase looks different:
Before production: AI analyzes code during development. Security issues get fixed in pull requests, not after deployment.
The backlog clears: Once these 27-year-old bugs are patched and AI is integrated into development workflows, the volume stabilizes at a much lower baseline.
Quality floor rises: When every pull request gets AI security analysis, entire classes of vulnerabilities become preventable.
The CSA report states: “Unlike defensive AI technologies, LLM-based vulnerability discovery capabilities are already mature and can be used to your advantage. Start immediately.”
What Vendors Should Do Now
The CSA document lays out a 90-day plan. Here’s generally what it looks like:
Week 1: Point AI at Your Own Code
Use the same tools attackers will use:
- Commercial: Claude Code Security (Anthropic), Codex Security (OpenAI)
- Open source: OpenAnt (Knostic), raptor, Trail of Bits agentic skills
Start by asking an agent to security-review any code. Build toward full CI/CD integration.
This Month: Build Intake
Most companies have no clear vulnerability reporting path. Fix immediately:
- Create security@yourcompany.com
- Publish security.txt at /.well-known/security.txt
- Set up auto-acknowledgment templates
- Document internal routing
Time investment: 2 hours
Impact: Prevents 90% of disclosure problems
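The security.txt step above has a precise format (RFC 9116): Contact and Expires are mandatory, Contact values must be URIs (mailto, https or tel), Expires may appear only once and must be an ISO 8601 date-time that is still in the future and no more than a year out. The checker below is an added example, not part of the original post; the sample file and the example.com addresses in it are constructed.

```python
from datetime import datetime, timedelta, timezone

SAMPLE = """\
# Constructed sample for example.com, not a real file
Contact: mailto:security@example.com
Contact: https://example.com/security/report
Expires: 2027-01-31T00:00:00Z
"""
REQUIRED = ("contact", "expires")                   # RFC 9116 mandatory fields
SINGLE_VALUED = ("expires", "preferred-languages")  # may appear at most once
CONTACT_SCHEMES = ("mailto:", "https:", "tel:")     # Contact values must be URIs

def parse_security_txt(text):
    # Map lower-cased field name -> list of values; '#' lines are comments
    fields = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue  # blank, comment, or not a "Field: value" line
        name, _, value = line.partition(":")
        fields.setdefault(name.strip().lower(), []).append(value.strip())
    return fields

def validate_security_txt(text, now=None):
    # Return a list of problems (empty = passes); now may be an ISO 8601 string for fixed-date checks
    now = datetime.fromisoformat(now) if isinstance(now, str) else (now or datetime.now(timezone.utc))
    fields = parse_security_txt(text)
    problems = []
    for name in REQUIRED:
        if name not in fields:
            problems.append(f"missing required field: {name}")
    for name in SINGLE_VALUED:
        if len(fields.get(name, [])) > 1:
            problems.append(f"field must appear at most once: {name}")
    for uri in fields.get("contact", []):
        if not uri.lower().startswith(CONTACT_SCHEMES):
            problems.append(f"contact is not a mailto/https/tel URI: {uri}")
    for value in fields.get("expires", [])[:1]:
        try:  # Expires must be an ISO 8601 date-time, still valid, at most a year out
            expires = datetime.fromisoformat(value.replace("Z", "+00:00"))
        except ValueError:
            problems.append(f"expires is not ISO 8601: {value}")
            continue
        if expires.tzinfo is None:  # no offset given; assume UTC for the comparison
            expires = expires.replace(tzinfo=timezone.utc)
        if expires <= now:
            problems.append(f"file has expired: {value}")
        elif expires > now + timedelta(days=365):
            problems.append(f"expires is more than a year out: {value}")
    return problems
```

Run it against the file you actually serve before publishing, and again from a scheduled job so an expired Expires field does not silently turn the file into dead contact information.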
45 Days: Prepare for Continuous Patching
Glasswing gave 40 vendors early access to Mythos. When they publish patches for AI-discovered vulnerabilities, expect a flood.
The CSA report: “Prepare triage and deployment capacity to handle a potential flood of patches as new critical vulnerabilities are disclosed.”
90 Days: Prioritization Beyond CVSS
Here’s the thing: your security metrics were built for pre-AI timelines. The CSA document doesn’t mince words:
“Review and update security risk metrics, reporting, and business risk calculations to reflect AI-accelerated exploit timelines and attack complexity.”
CVSS was built for a world where humans found vulnerabilities. It tells you severity. It doesn’t tell you what to fix first.
I wrote about this challenge in February – the need to move beyond CVSS scores and focus on real-world risk factors:
- Exposure: How accessible is this to attackers?
- Impact: What happens if it’s exploited?
- Exploitability: Is there a public Proof of Concept (PoC)? Is it in KEV?
- Threat signals: Is anyone exploiting this in the wild?
When AI can discover thousands of vulnerabilities simultaneously, manual prioritization breaks. You need a framework that evaluates all four dimensions together.
I’ll cover how to build that prioritization framework in my next post. The AI vulnerability era requires AI-speed triage.
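To make the point concrete, here is an added illustration (not the author’s forthcoming framework, and not from the CSA report) of why evaluating the four dimensions together changes the patch order. The vulnerability records and the weights are constructed assumptions; the point is the ordering, not the numbers.

```python
# Constructed records: by CVSS alone VULN-B comes first; by the four dimensions VULN-A does
VULNS = [
    {"id": "VULN-A", "cvss": 7.5, "exposure": "internet", "impact": "rce",
     "public_poc": True, "in_kev": True, "exploited_in_wild": True},
    {"id": "VULN-B", "cvss": 9.8, "exposure": "internal", "impact": "rce",
     "public_poc": False, "in_kev": False, "exploited_in_wild": False},
    {"id": "VULN-C", "cvss": 5.3, "exposure": "internet", "impact": "info-leak",
     "public_poc": True, "in_kev": False, "exploited_in_wild": False},
]

# Illustrative weights (assumptions, not an industry standard)
EXPOSURE = {"internet": 1.0, "partner": 0.6, "internal": 0.3, "isolated": 0.1}
IMPACT = {"rce": 1.0, "priv-esc": 0.8, "data-loss": 0.8, "dos": 0.5, "info-leak": 0.3}

def risk_score(v):
    # Exposure x Impact x Exploitability x Threat signals, scaled to 0-10.
    # Unknown exposure or impact is treated as worst case until someone proves otherwise.
    exposure = EXPOSURE.get(v.get("exposure"), 1.0)
    impact = IMPACT.get(v.get("impact"), 1.0)
    exploitability = 0.2 + 0.3 * bool(v.get("public_poc")) + 0.5 * bool(v.get("in_kev"))
    threat = 1.0 if v.get("exploited_in_wild") else 0.4
    return round(10 * exposure * impact * exploitability * threat, 2)

def triage(vulns):
    # Highest combined risk first; CVSS only breaks ties
    return sorted(vulns, key=lambda v: (risk_score(v), v["cvss"]), reverse=True)

def by_cvss(vulns):
    # The severity-only ordering, for comparison
    return sorted(vulns, key=lambda v: v["cvss"], reverse=True)

if __name__ == "__main__":
    for v in triage(VULNS):
        print(v["id"], "cvss", v["cvss"], "risk", risk_score(v))
```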
6 Months: Harden Fundamentals
The basics still work:
- Segmentation – limits blast radius
- Egress filtering – blocks payload downloads and command-and-control callbacks
- Phishing-resistant MFA – across all authentication
- Zero Trust architecture – where possible
Every boundary increases attacker cost.
The Human Element
Here’s something most technical documents won’t talk about: burnout.
The CSA report is direct:
“Burnout and attrition in security functions represent a direct operational risk. The expertise needed to navigate this transition is scarce, takes years to develop, and is not replaceable on short timescales.”
Security teams are caught in a squeeze:
- AI accelerating vulnerability discovery
- Increasing patch volumes
- Uncertainty about their roles
- Pressure to integrate AI into workflows
The guidance is clear: re-prioritize, automate, and protect experienced staff.
This isn’t just about tools. It’s about sustainable response.
What Comes Next
The CSA document puts it plainly: “Mythos is likely one of many changes coming.”
Other AI models will match these capabilities within months, and open-source versions will follow within 6-12 months.
Vendors who build disclosure processes now will handle the transition smoothly.
The ones who wait will face crisis after crisis.
Where I’m Headed
I’m writing The Vulnerability Disclosure Handbook – a comprehensive guide to coordinated vulnerability disclosure for vendors. It covers everything from “what to say in the first 24 hours” to building lightweight PSIRTs to handling active exploitation.
The Mythos announcement – and the industry’s response through CSA, SANS, and major CISOs – made this work more urgent than I expected.
Soon, I’ll share the vulnerability prioritization framework vendors need when AI-discovered reports arrive at scale. It builds on the principles I introduced in February, adapted for the reality of thousands of simultaneous vulnerability reports.
For now: if you build software products, read the CSA Mythos report. Then start building your disclosure process.
You’ll need it sooner than you think.