A few weeks ago the world was exposed to Mythos, Anthropic's new frontier model and the Project Glasswing announcement that came with it.
The reaction across the industry was immediate. Cybersecurity stocks fell sharply. The Treasury Secretary convened an emergency meeting with major bank CEOs. 250 CISOs produced a response playbook over a single weekend.

That is not a typical announcement or a PR "leak". That is a reckoning.
Then, about a week later, I came across MOAK. If Mythos is the earthquake, MOAK, for me, was the aftershock that shows the ground has already shifted.
Built by security researchers Yair Saban and Niv Hoffman, MOAK (Mother of All KEVs) is a proof of concept that demonstrates something most people weren't ready to hear: you don't need Mythos to have a serious problem. Using publicly available models, including Claude Opus 4.6 and GPT 5.4, it shows that agentic workflows can already autonomously exploit known vulnerabilities with no human in the loop.
No special access needed. No frontier model required.
In this post I want to talk about what both of these things are actually telling us, and why I think the industry is at risk of drawing the wrong conclusion.
The End of CVE Chasing
The instinctive reaction to Mythos is: we need to patch faster. That instinct is understandable. It is also exactly the wrong frame.
Security teams have spent years organizing around a model that goes: wait for a CVE, score its severity, add it to the queue, remediate in priority order. It is rational given the volume of disclosures. But it assumes defenders have time to react. According to Google Mandiant, average time-to-exploit dropped from 63 days in 2018 to just 5 days in 2023.
As alarming as that is, things are much worse for high-profile vulnerabilities, where the time between disclosure and active exploitation is measured in hours. Over 99% of the vulnerabilities Mythos has found remain unpatched.
Patching faster doesn't solve a 5-day window when your inventory is incomplete and your triage queue is three weeks long.
But the timeline is only part of it. The deeper issue is what CVE lists don't capture. Assets with no CVE but dangerous misconfigurations. Infrastructure that is externally reachable but was never inventoried. Acquired companies whose exposure was never mapped. A security program organized around CVE remediation is optimized for a subset of actual risk.
Mythos doesn't care about your subsets. Neither does any attacker.
Zero-Day Exploitation, Democratized
Developing a working zero-day exploit has always required serious resources: deep technical expertise, time, and access to private research. That kept the barrier high enough that, until recently, 53% of attributed zero-day exploitation came from nation-state actors. The remaining share came from well-funded commercial surveillance vendors and sophisticated criminal groups.
The common thread: capability that most threat actors simply couldn't reach.
That barrier is gone.
To understand what the new frontier looks like, consider the UK AI Security Institute's independent evaluation of Mythos. It became the first model to complete their 32-step corporate network attack simulation end-to-end. The AISI estimated the simulation would take a human professional 20 hours. Mythos completed it autonomously.

Mythos made the scale of this visible. But the MOAK research makes it actionable. Claude Opus 4.6 and GPT 5.4, models available to anyone with an API key today, already show autonomous exploitation rates of around 80% against real-world KEVs.

So what does it mean? It means that the capability Anthropic is trying to contain in Mythos already exists in the open market.
Good news everyone, zero-day exploitation has been democratized.
Beyond CVEs
If CVE chasing is the wrong model, what replaces it?
Start with a different question. Not "what vulnerabilities do we need to patch?" but "what can actually be used against us right now?"
This is the question attackers ask. It is the logic agentic AI follows.
A CVE without external reachability is theoretical and largely irrelevant. Real risk is the intersection of what you expose, what is reachable from the outside, and what is actually exploitable.
Mythos and MOAK don't consult your patch queue. They find what is reachable, confirm what is exploitable, and move in.
Defenders have had many wake-up calls to look beyond CVE scores. This might be the final warning. The attack surface that matters includes misconfigurations, expired certificates, services with default credentials, APIs with no authentication on infrastructure nobody remembered to decommission... and many other attack paths that chain low-severity findings into critical access.
None of these require a CVE number to be dangerous. Agentic AI will test all of them at scale, exploiting each opening in sequence, starting from the outside and working its way in.
What This Means in Practice
When an AI model can complete a 32-step network attack autonomously, the question of how many CVEs are in your remediation queue becomes the wrong question entirely. The right one is simpler: which of your exposed assets can actually be exploited right now?
That is the shift continuous threat exposure management (CTEM) is built around. Not periodic scanning against a known inventory, but continuous outside-in visibility into what is reachable and what is validated as exploitable.
Getting ahead of this means you stop organizing around remediation queues and start looking at your environment the way an attacker would: from the outside, without the benefit of an internal asset inventory, finding what is reachable before someone else does.
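To make the contrast between the two prioritization models concrete, here is an added example (not code from this post or from CyCognito) that orders a constructed finding inventory two ways: by the CVE queue, where only findings with a CVE and a CVSS score enter, and outside-in, where only externally reachable findings count and validated exploitability outranks severity. Hostnames and CVE ids are placeholders.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Finding:
    asset: str
    issue: str
    cve: Optional[str]   # None for misconfigurations, default credentials, etc.
    cvss: float          # 0.0 when no CVE score exists
    reachable: bool      # externally reachable per outside-in discovery
    validated: bool      # exploitability confirmed by safe validation


# Constructed sample inventory; hostnames and CVE ids are placeholders.
FINDINGS = [
    Finding("db-internal-01", "critical RCE", "CVE-PLACEHOLDER-A", 9.8, False, False),
    Finding("ws-1042", "privilege escalation", "CVE-PLACEHOLDER-B", 7.5, False, False),
    Finding("www-02", "auth bypass", "CVE-PLACEHOLDER-C", 5.3, True, True),
    Finding("legacy-api.acq", "no authentication on API", None, 0.0, True, True),
    Finding("vpn-edge", "default admin credentials", None, 0.0, True, True),
    Finding("vpn-edge", "expired TLS certificate", None, 0.0, True, False),
]


def cve_queue_order(findings):
    """CVE-chasing model: only findings with a CVE enter the queue, highest CVSS first.
    Reachability and validation play no part, and non-CVE findings never appear."""
    return [f for f in sorted(findings, key=lambda f: -f.cvss) if f.cve]


def outside_in_order(findings):
    """Exposure model: unreachable findings are dropped entirely; among the rest,
    validated exploitability ranks above CVSS, and CVSS only breaks ties."""
    reachable = [f for f in findings if f.reachable]
    return sorted(reachable, key=lambda f: (not f.validated, -f.cvss, f.asset))


def missed_by_cve_queue(findings):
    """Reachable, validated findings that a CVE-only queue would never surface."""
    queued = set(cve_queue_order(findings))
    return [f for f in findings if f.reachable and f.validated and f not in queued]


if __name__ == "__main__":
    for label, order in (("CVE queue", cve_queue_order(FINDINGS)),
                         ("Outside-in", outside_in_order(FINDINGS))):
        print(label + ":", [(f.asset, f.issue) for f in order])
    print("Missed by CVE queue:", [(f.asset, f.issue) for f in missed_by_cve_queue(FINDINGS)])
```

The CVE queue puts an unreachable database host at the top and never lists the unauthenticated API or the default credentials, while the outside-in ordering drops the unreachable hosts and surfaces exactly those findings.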
Mythos and MOAK make the same argument from different directions. The threat is no longer constrained by attacker expertise, and it is no longer limited to what appears on a CVE list. Outside-in, continuous, validated exposure management is not a feature. It is the foundation.
If you want to see how CyCognito approaches this problem, click here to schedule a 1:1 demo.