Mythos changes nothing. And that is exactly the problem.
Mythos finds thousands of flaws in code that has been shipping for twenty years. The real scandal is not the AI. It is that it takes a $20,000 AI to uncover what basic engineering practices should have prevented.

For two weeks, the cybersecurity community has been debating Mythos, Anthropic's model capable of finding and exploiting software vulnerabilities autonomously. Thousands of zero-day flaws uncovered in operating systems and browsers that armies of developers had missed. The debate is predictable: does it favor attack or defense? Is it hype or a genuine breakthrough? Can we trust fifty companies to keep working exploits under lock and key?
These questions are legitimate. They also miss the point.

The incremental-step syndrome
Mythos is an incremental step in a long series of incremental steps. The problem is that we have spent five years treating each step as an isolated event, without ever looking at the cumulative shift. We discover vulnerabilities automatically today. We exploit them automatically today. We marvel at it, and in six months we will have forgotten that we marveled at it, because the next model will do the same thing better and the baseline will have moved again.
This constant drift makes any proportionate response impossible. If every advance is "incremental," then none of them justifies a structural response. We stay in the register of commentary, of analysis, of "wait and see." And in the meantime, offensive capabilities are becoming commoditized at a pace that renders existing defensive architectures progressively obsolete.
AI finds the simple bugs. The problem lies elsewhere.
Let us be precise about what Mythos actually does. The model excels at finding variations of vulnerabilities within well-documented classes. The "known knowns." Patterns that fuzzing and static analysis tools were already hunting for, but with greater coverage and speed. It is impressive. It is also the easy part of the problem.
The "unknown unknowns," the Black Swan attacks that can only be discovered through reasoning because no pattern exists in the training data, remain out of reach. AI does not reason about what it has never seen. It extrapolates from what it knows. Which means that the most dangerous vulnerabilities, the ones that redefine categories instead of exploring their variants, will remain the domain of human intelligence, offensive and defensive alike.
But here is the real problem: even if AI finds "only" the simple bugs, the attacker needs just one success. The defender has to find them all. If offensive AI detects a random bug with 1% efficiency, the attacker wins systematically across a large enough portfolio of targets. The fundamental asymmetry between attack and defense is not solved by AI. It is mechanically amplified.
Software is still not a product. And that is the scandal.
The question the industry refuses to ask is nonetheless obvious: if AI is capable of finding thousands of critical vulnerabilities in code that has been deployed in production for twenty years, why do we not require its use before anything goes to market?
Compare with any other field of engineering. An aeronautical safety engineer stakes their career on every certification. A medical-device designer takes on criminal liability. An industrial safety engineer signs documents that hold them personally accountable for the compliance of their designs. The requirements for training, certification and legal liability are massive. The salaries, paradoxically, are often lower than in the software industry.
On the other side, a software developer ships to production on a Friday night. Management optimizes for lines of code per person per day, with no regard for quality or security. The market rewards speed. Contract terms relieve the supplier of any substantial liability. Software, legally, is not a product. You cannot hold it in your hand, so consumer protection laws do not apply, or applied poorly until very recently.
The European Cyber Resilience Act is beginning to change this. But the cultural resistance is colossal. The software industry was built on a business model where quality is externalized onto the end user. You ship, you will patch later. You find a bug, it is a "feature." And when AI finds thousands of flaws in your code, the reflex is not to ask why they were there. It is to debate whether the AI that found them is a threat or an opportunity.

The patchable, the unpatchable, and everything in between
There is a distinction in the current debate that deserves a pause: the difference between the systems we can patch and the ones we cannot.
Your browsers, your phones, your major cloud services: patchable, verifiable, quick to deploy. For these systems, defensive AI will probably end up delivering a net benefit. We will find faster, we will patch faster, the cycle will shorten.
But there is everything else. Connected cars. Electrical transformers. Industrial control systems. IoT equipment that was never designed to receive an update. Legacy banking systems that have been running for thirty years on code no one fully understands anymore. These systems will not disappear. They will not be replaced within the six to eighteen months during which Mythos-style capabilities are becoming commoditized. And protecting them takes something other than AI: network segmentation, compartmentalization, least privilege. Principles that are twenty years old and that we have spent the last decade neglecting in favor of agility and interconnection.
It is not AI that makes these principles obsolete. It is AI that makes their absence inexcusable.
Fifty companies and one exploit
Anthropic is not making Mythos public. The model is shared with fifty companies. Fifty organizations, thousands of employees, with access to a system capable of producing working exploits against software everyone uses.
The risk-management question is clear-cut: how long before an exploit produced in this setting ends up in unauthorized hands? This is not cynicism. It is arithmetic. Fifty companies, subcontracting chains, service providers, interns, disgruntled employees, compromised accounts. The trust perimeter is enormous. And the history of information security teaches us one thing with depressing regularity: what can leak eventually leaks.
What Mythos really reveals
Mythos does not create a new problem. It makes an old problem impossible to ignore. We produce software with the quality standards of a cottage industry and we deploy it in critical infrastructure. We connect to the Internet systems that were never designed to be exposed to it. We refuse to apply to software engineering the requirements we impose on every other engineering discipline. And when an AI finds thousands of proofs that this approach is broken, we debate the AI instead of debating the approach.
The real question is not whether Mythos favors attack or defense. It is why, in 2026, it takes a $20,000 AI model to uncover flaws that should have been found by basic engineering practices twenty years ago.
Questions fréquentes
Is Mythos a major technological breakthrough?
No, it is one more incremental step in a long series. The problem is not the isolated event but the cumulative shift in offensive capability that we have stopped measuring.
Can AI find every vulnerability?
No. It excels at variations of well-documented classes (the known knowns), with greater coverage and speed, but it has no access to the unknown unknowns that require reasoning about what has never been seen.
If AI only finds the simple bugs, where is the danger?
In the asymmetry: the attacker needs only one success, the defender must find them all. Even at 1% efficiency, the attacker wins across a large enough portfolio of targets.
Why does the author speak of a scandal rather than an AI threat?
Because if an AI finds thousands of flaws in code that has been in production for twenty years, the real question is why software still escapes the quality and liability requirements imposed on every other engineering discipline.
What does it take to protect systems you cannot patch?
Something other than AI: network segmentation, compartmentalization and least privilege. Principles twenty years old, neglected in favor of agility and interconnection.
Sources & méthodologie
- Anthropic, Mythos / Glasswing :
- Cyber Resilience Act (Union européenne)

Être en cybersécurité
Une feuille de route cyber en clair, pour tout le monde, pas seulement les experts.
