Mythos may not be an evil AI hacker, but it’s a warning that cybercrime can now go machine speed

BOXX Insurance's experts say that most cyber incidents are still essentially confidence tricks – but AI is now making them faster

By Branislav Urosevic

When Anthropic quietly hit pause on Mythos – its highly capable AI model for software and vulnerability analysis – the first reaction in a lot of headlines was to reach for science fiction. Social feeds filled with talk of “evil AI hackers” and autonomous cyberweapons that could turn the internet into rubble overnight.

From where Jack Brooks, virtual Chief Information Officer (vCISO) at BOXX Insurance, and cybersecurity lead Marcus Fluellon sit, that framing is not just wrong, it could be dangerously distracting.

“Mythos should be understood as a step‑change in vulnerability research and code reasoning speed, not a self‑operating cyberweapon,” says Fluellon. “It’s a really good AI model being used in cybersecurity – but it’s not a public, consumer‑grade hacking tool, and it’s not some AI hacker.”

Rather than unleashing Mythos to the public, Anthropic has ring‑fenced the capability under its Glasswing initiative, giving a small number of large banks and tech firms access in controlled, non‑malicious testing environments. For Brooks, the real story is about where cyber operations are heading.

“If Anthropic can build Mythos, a criminal group can build their own version,” he says. “The point isn’t that Mythos itself is going to break the internet – it’s that we’ve crossed into an era where advanced AI can meaningfully accelerate both attack and defence. Defenders who are still operating on human timeframes are going to lose.”

Fluellon describes Mythos as “a highly capable AI model designed to perform advanced software reasoning being used in a cybersecurity focus” – essentially a frontier‑level threat hunting and vulnerability research tool. It can speed up tasks like code review, exploit‑chain analysis and vulnerability discovery far beyond what typical consumer chatbots can do. That alone explains why Anthropic has treated it as strategically sensitive and refused to release it broadly.

“You don’t pump the brakes like that on something that’s just another chatbot,” Fluellon notes. “They realized what they had and said, ‘We cannot release this publicly right now.’”

Both he and Brooks are adamant about what Mythos is not. It is not a magic “AI hacker” that autonomously runs campaigns end‑to‑end. It is not a guaranteed zero‑day generator that can instantly pop any target on demand. It is not a replacement for human security teams, engineering, or patching processes.

Brooks puts it bluntly: “It’s not the launch of Skynet that’s going to destroy us all next year. What it is, is a super‑advanced threat‑hunting tool. In the right hands, it lets defenders find vulnerabilities faster and take action. In the wrong hands, it would let attackers do the same.”

The uncomfortable conclusion is that the technology itself is not evil, but the operational reality it creates is unforgiving. Once tools like Mythos exist, everyone in the ecosystem has to move faster.

Not a new story

If hype around Mythos feels familiar, that is because it is. Every wave of new technology has come with confident predictions that it will finally make hackers obsolete.

“I’ve been hearing some version of ‘this will get rid of hackers’ since the 1980s,” says Brooks. “We heard it with early automation tools, with cloud, with every new security platform. Now it’s AI’s turn.”

The story has never played out that way. In practice, each generation of tooling has increased the demand for skilled operators on both sides – and AI, Brooks argues, will be no different.

“AI is replacing time and effort, not replacing threat actors,” Fluellon says. “It’s a tool of scale. It lets them do more, faster, and with less skill – but humans are still choosing targets, improvising, and managing the money.”

Most successful incidents still require human decision‑making: choosing which company to go after and when, running multi‑stage intrusions, adapting when a defender responds unexpectedly, speaking to victims by phone or chat, negotiating, and managing extortion and fraud networks. Real‑world exploitation is messy, target‑specific and heavily dependent on timing and access, not something an agent can simply automate away.

“AI is very good at generating content and accelerating workflows,” Fluellon says. “Humans still dominate strategy, judgement and adaptation.”

That human factor matters in another way. For the vast majority of incidents – Brooks estimates north of 95% – the underlying pattern looks surprisingly old‑fashioned.

“These are essentially confidence tricks that were being done long before computers,” he says. “They only work when a human tricks another human. Technology, including AI, just makes that faster and more convincing.”

Automation as enabler

Where Mythos and other AI models really do change the game is in the economics of cybercrime. The tools are not inventing new attack categories; they are transforming how fast, how widely and how precisely those attacks can be run. “AI hasn’t created entirely new categories of attack,” says Fluellon. “What it has done is radically change the speed, scale and customization of existing ones.”

Phishing is the cleanest example. Messages that once gave themselves away with broken English can now be fluent, on‑brand and tailored to a specific role and voice. With a handful of a CEO’s or CFO’s emails, a criminal can generate a note that sounds convincingly like them. The tired “Nigerian prince” caricature obscures how polished – and how hard to spot – contemporary campaigns have become.

Behind the scenes, AI models are also transforming reconnaissance and preparation. They can digest public and leaked data to build detailed profiles of individuals and organizations, from likely passwords and email formats to supplier lists and payment patterns. Vulnerability descriptions and academic write‑ups that once required a skilled developer to turn into a working exploit can be converted far more quickly into proof‑of‑concept code. Routine tasks like credential stuffing, account enumeration and reconnaissance across cloud services can be scripted with AI assistance rather than painstakingly coded from scratch.

Language is no longer a constraint either. The same playbook can be rolled out across markets and sectors, translated and localized into multiple languages with appropriate idioms, making it far easier to run multinational fraud and social‑engineering campaigns without specialist teams in every region.

“AI increases speed, scale and customization, which directly increases incident frequency and success rates,” Fluellon says. “It absolutely is increasing attacker efficiency and reducing the skill barrier for a lot of tasks.”

Lower bar of entry

That last point worries both men. In the past, meaningful cybercrime capabilities were largely confined to well‑resourced gangs or state actors. Now they see “semi‑skilled” criminals running attacks that would have required experienced operators only a few years ago.

“You’ve got tools doing a lot of the heavy lifting,” Brooks notes. “Someone who couldn’t write a line of code can now generate scripts, refine phishing campaigns, and run reasonably effective operations. That changes who can play this game.”

If attackers are shifting to machine‑speed, defenders who stay on human‑speed are in trouble. Longstanding habits, like delaying security updates to see how other organizations fare with a new patch, become actively dangerous in a Mythos‑style world.

“There’s this old, very common idea that you can wait and see how other organizations do with a new patch before you deploy it,” Brooks says. “In a Mythos‑style world, that’s not appropriate anymore. Even if you patch weekly, you’re at significant risk when someone can weaponize a vulnerability in hours.”

For Brooks and Fluellon, the lesson of Mythos is not that “evil AI” has arrived, but that businesses can no longer treat patching, identity security and email controls as slow, discretionary processes. The margin for error is shrinking as quickly as the time between reconnaissance and exploitation.

“At least for now, most of these AI tools are accelerating existing attack types that are already well understood,” Brooks says. “That means the unsexy basics matter more than ever.”

Those basics are familiar to every security leader, but remain under‑implemented, especially in small and mid‑sized organizations: strong, complex passwords; multi‑factor authentication on everything, particularly for privileged accounts; managed endpoint detection and response that can flag and stop malicious behaviour at machine speed; disciplined patching of internet‑facing systems; email security and anti‑impersonation controls; strong financial processes around payments, including call‑backs and dual approvals; truly isolated, tested backups; and clear, rehearsed incident response playbooks.
