Anthropic has crossed a line
TL;DR
Anthropic’s Mythos looks like a real step change — David Shapiro says leaked benchmarks suggest jumps like 80% to 93% saturation and 53% to 65%, framing it as the kind of leap people felt from GPT-3.5 to GPT-4.
Glass Wing is the part that made Anthropic ‘cross a line’ — Anthropic is reportedly giving early Mythos access to about 40 major companies like Microsoft and Oracle because the model can uncover serious cybersecurity flaws before the public is ready for them.
The headline risk is zero-day discovery at scale — Shapiro points to reports that Glass Wing found thousands of unpublished day-zero exploits, including a 27-year-old vulnerability in FreeBSD and a 16-year-old issue in FFmpeg.
Attackers get the short-term advantage, defenders win over time — His core security take is that hackers adapt faster at first, but big vendors like Cisco, Dell, IBM, Microsoft, and Oracle will use the same AI tools to harden products, shrink attack surfaces, and automate defenses.
Humans are still the weakest link, not the firewall — Shapiro leans on old IT jokes like ‘layer 8 issue,’ ‘PEBCAK,’ and ‘ID10T’ to argue that phishing, social engineering, and inconsistent human judgment will keep driving the most expensive breaches.
AI in enterprise security is best understood as a new automation layer — Rather than treating Mythos as sci-fi doom, he says firms will use LLMs for things like log analysis, penetration testing, email inspection, vendor bulletin lookup, and eventually ‘Ghost in the Shell’-style intelligent firewalls.
The Breakdown
Mythos looks bigger than a routine model upgrade
Shapiro opens by saying the Mythos rumors aren’t just incremental. He cites benchmark jumps of roughly 20%, including movement from 80% to 93% saturation and 53% to 65%, and says it feels more like the leap from GPT-3.5 to GPT-4 than a normal version bump. He also notes the rumor that it’s a 10 trillion parameter model, which to him says scaling is still very much alive.
Glass Wing is the real story — and the reason people should pay attention
What makes this release different, he says, is Glass Wing: an early-access Mythos preview reportedly shared with around 40 industry giants like Microsoft and Oracle. Anthropic’s logic, as he describes it, is blunt — the cybersecurity risk is serious enough that major vendors need time to patch vulnerabilities before the model is widely available. That’s the moment Shapiro frames as a line being crossed.
Thousands of zero-days, including ancient bugs nobody caught
He zooms in on the examples that made him sit up: Glass Wing allegedly found thousands of day-zero exploits that Anthropic isn’t publishing publicly. The standout anecdotes are a 27-year-old vulnerability in FreeBSD and a 16-year-old exploit in FFmpeg. For anyone in IT, cybersecurity, or national defense, he says, this is the kind of news that instantly changes your posture.
Why he thinks this matters: this used to be his job
Shapiro then grounds the whole take in his own background as a former IT infrastructure engineer responsible for keeping data centers and core systems running. He’s careful not to overplay credentials, but he makes the point that he used to be the person on the calls with directors, database teams, app teams, and security teams deciding what actually mattered. That gives the recap a practical, operator’s lens rather than a hype-cycle one.
AI won’t ‘hack’ directly as much as it will supercharge hacking workflows
One of his key clarifications is that most people imagine AI as the hacker, when in reality it’s more useful for writing scripts, analyzing telemetry, and finding patterns across software and network layers. He breaks security down into the software side and the network side — Windows and Outlook on one hand, Cisco switches and firewalls on the other — and says Mythos-class systems will make both offensive and defensive analysis much faster.
CISOs panic first, then vendors start shipping guidance
In his telling, the first reaction inside large companies is simple: “panic a little bit.” But because most Fortune 500 firms outsource deep expertise to vendors like VMware, Microsoft, Dell, Oracle, IBM, and Cisco, the real response becomes a flood of security bulletins, mitigations, and best-practice reviews. His point is reassuring but not dismissive: many scary vulnerabilities are only severe if other controls have already failed, so disciplined hygiene still goes a long way.
Attackers move faster now, but defenders get the home-field advantage
This is his central strategic point: agentic coding and AI-assisted security create a temporary edge for attackers because they can adapt quickly. Over time, though, every serious vendor and internal security team will use the same tools for automated penetration testing, log analysis, packet inspection, and hardening. He compares it to warfare where defenders eventually have the home-field advantage — especially when they can fight fire with fire.
The real problem is still the human at layer 8
Shapiro’s most animated section is about people being the weak point. He reaches for classic IT jokes — layer 8 issues, PEBCAK, ID10T — and says the costliest breaches usually come from tricking a person, not cracking a system. His analogy is a Subaru driver-assist system: AI can automate the safety checks humans should already be doing, making security more consistent because machines don’t get lazy, complacent, or overconfident.
From email screening to Ghost in the Shell firewalls
He closes by arguing that enterprises should see all of this as a new automation layer, not as a reason to shut everything down. LLMs can inspect email chains, verify whether a sender has ever appeared in your systems, read logs dynamically, and even connect new anomalies to fresh vendor bulletins. Longer term, he says, we’ll likely have AGI-like systems embedded in networks — basically Ghost in the Shell-style “attack barriers” — and eventually humans in the loop may become negative expected value because they add delay and mistakes.