
Transcript
The Vulnerability Storm Is Here. Your Patch Cycle Is Not Ready.
Last week, Anthropic announced Claude Mythos Preview and, alongside it, Project Glasswing: possibly the largest coordinated vulnerability disclosure effort in the history of cybersecurity. Mythos autonomously found thousands of zero-days across every major operating system and browser, generated working exploits without human guidance, and did it at a 72% success rate. It discovered a bug in OpenBSD that had been sitting undetected for 27 years.
The Cloud Security Alliance published its response 24 hours later. The paper, “The AI Vulnerability Storm: Building a Mythos-Ready Security Program,” was written by Gadi Evron, Rich Mogull, and Rob T. Lee, with contributions from Jen Easterly, Bruce Schneier, Chris Inglis, Rob Joyce, Heather Adkins, and dozens of CISOs across finance, healthcare, and critical infrastructure. This is not a vendor whitepaper. It is a field-grade warning from the people who built and run the programs defending organizations like yours.
The paper’s core argument is blunt: the assumptions holding your current security program together may already be wrong.
What Mythos Actually Did
To understand why this paper matters, you need to understand what Mythos represents technically.
Previous AI models could assist with vulnerability research. Mythos operates differently on three dimensions. First, it generates exploits without scaffolding — internal Anthropic testing showed Mythos produced 181 working Firefox exploits where Claude Opus 4.6 succeeded twice under identical conditions. Second, it chains vulnerabilities together, finding attack paths that require combining multiple memory corruption bugs into a single exploit. Third, it works in a single prompt without elaborate agent configuration or multi-step setup.
The result: Anthropic had to build an entirely new program, Project Glasswing, to give 40 vendors early access to Mythos so they could patch their own products before the announcement. The coordinated effort covered major platforms. It still could not cover most of the world’s software.
The time between vulnerability discovery and active exploitation has collapsed to under one day in 2026. Sysdig documented an AI-driven attack reaching admin-level access in eight minutes. AISLE found 12 OpenSSL zero-days, including a CVSS 9.8 flaw introduced in 1998. These are not theoretical projections. They happened.
What the Paper Actually Says
The CSA brief is organized around a simple and uncomfortable observation: attackers gain asymmetric advantage from AI because offense is inherently easier than defense. AI lowers the cost and skill floor for discovering and weaponizing vulnerabilities faster than organizations can patch. The paper calls current patch cycles, response processes, and risk metrics structurally unsuited for this environment.
The priority actions the paper recommends fall into four categories:
Use AI agents now, for offense and defense. The paper is explicit that LLM-based vulnerability discovery is mature enough to start using today. CISOs are told to have agents review their own code immediately and build toward a standing VulnOps capability. This is not positioned as an experiment. It is described as a minimum viable action.
Automate remediation to the degree possible. The volume of incoming patches from Glasswing vendors alone will resemble responding to multiple simultaneous supply chain incidents. Organizations without automated triage and remediation pipelines will be buried.
Harden the fundamentals. Segmentation, egress filtering, Zero Trust, phishing-resistant MFA. The paper’s position is that when patch cycles cannot keep pace, blast radius containment becomes the primary defense.
Protect your team. The paper dedicates a full section to burnout risk. Security teams are being asked to absorb exponential increases in workload without corresponding investment. The authors frame staff attrition as a direct operational risk, not an HR concern.
The paper also introduces a 10-question diagnostic for CISOs to assess actual program state. Questions like: Can your employees use agentic coding tools in the enterprise today, with security guardrails? What is the fastest your organization has made a security-driven production change in the last year? Do you know how to get urgent work prioritized by key third parties?
Most organizations will not like their answers.
Where Security Programs Break Down
The paper identifies the deeper problem behind all of these actions. The operating model of security has not kept pace with the speed of offense.
Security functions that primarily serve as review and escalation cannot execute at the speed this environment requires. Governance cycles built for quarterly procurement cannot fast track defensive AI tooling in response to a threat that emerged this week. Risk metrics calibrated to weeks-long exploitation windows are now reporting the wrong number.
The paper frames VulnOps as a permanent organizational capability, not a project. The same way organizations built Security Operations Centers over the past decade, they now need a standing function built around AI-assisted vulnerability discovery, triage, and remediation. The organizations that build this muscle now will be the ones that meet the next wave on their own terms.
What This Means for Kindo Customers
Kindo is built for exactly this moment.
The AI-native agent harness for SecOps and DevOps is the infrastructure the CSA paper is describing when it says “introduce AI agents to the cyber workforce across the board enabling defenders to match attackers’ speed.” That is not a capability you get by giving analysts ChatGPT access. It requires governed, enterprise-grade agentic orchestration — one that can run inside your environment, against your data, under your control.
What Kindo’s platform enables in direct response to the paper’s recommendations:
Swarm Defense for VulnOps. The paper’s call for AI-driven vulnerability discovery used defensively maps directly to Kindo’s Swarm Defense capability: coordinated AI agents running security assessments at machine speed, continuously, across your environment. Not one-shot manual reviews. Continuous autonomous operation.
Action Chat for analyst augmentation. Every analyst on your SecOps team gets access to an AI operator that can triage alerts, cross-reference threat intelligence, draft incident reports, and accelerate response — without sending your data to a third-party model. Aireon ran this model and achieved a 34x return on investment in the first year.
On-premises, data-sovereign deployment. The paper flags shadow IT proliferation from coding agents as a specific risk, noting that citizen coders building their own infrastructure will fragment central security control. Kindo’s on-prem and hybrid deployment options keep agentic AI inside your governance boundary, not outside it.
Model-agnostic architecture. The threat landscape is not tied to one model. Mythos is one announcement. The paper explicitly states that comparable offensive capabilities will emerge in other frontier models within months and in open-weight models within six to twelve months. Kindo does not lock you to a single model or a single vendor. When the next capability shift happens, your defensive infrastructure adapts.
The paper’s board-briefing section frames the business case clearly: AI that accelerates attackers also creates a defensive opportunity for organizations that invest. The ones that use AI to find their own weaknesses first, review code before it ships, and respond to incidents faster than any human team can — those organizations become more resilient and more competitive simultaneously.
The Window Is Short
The CSA authors draw an analogy to Y2K: a systemic threat with a hard deadline, met through coordinated and disciplined effort. The difference is that the deadline here is not a fixed date. It is the rate at which offensive AI capabilities proliferate.
Project Glasswing covered 40 vendors. The world’s attack surface is orders of magnitude larger. The competitive advantage conferred by early access to Mythos-class defensive tools is real, but it is time-limited. The organizations building VulnOps capability and deploying governed AI agents today are establishing a structural advantage. The ones waiting for the market to mature are accumulating risk at the same pace as their attackers.
The paper’s final recommendation is straightforward: every action in it can begin this week.
So can yours.
Read the full CSA briefing: labs.cloudsecurityalliance.org/mythos-ciso

