Claude Mythos Found Thousands of Zero Days.
Here's What That Means for Every Team Building Custom Software.
A CTO I spoke with on the podcast a few weeks ago told me his team had shipped 60% more pull requests this quarter than last. He was proud of the number. When I asked how much of that code had gone through a full security review, he paused. He did not know. His release velocity had outpaced his review capacity and nobody had flagged it because the backlog was moving.
That conversation has been on my mind since Tuesday, when Anthropic announced Project Glasswing and released details about Claude Mythos Preview, a frontier AI model that has already identified thousands of previously unknown, high severity vulnerabilities across every major operating system and every major web browser. Not surface level bugs. Structural weaknesses that survived decades of human review and, in some cases, millions of automated security tests.
The CTO on my podcast does not have a security problem yet. He has a Backlog Illusion problem. Tickets are closing. PRs are merging. The numbers look good. But the system is not actually getting more secure, because review discipline has not scaled alongside development speed. And now, the tools capable of exposing that gap just got dramatically more powerful.
What Actually Happened
Anthropic built a general purpose model that turned out to be strikingly good at finding and exploiting software vulnerabilities. Good enough that they decided not to release it to the public. Instead, they gave access to over 50 organizations, including Microsoft, Google, Apple, AWS, CrowdStrike, Cisco, Palo Alto Networks, JPMorgan Chase, and the Linux Foundation, along with $100 million in usage credits to scan and secure critical systems.
The specifics are worth sitting with. Mythos Preview found a 27 year old vulnerability in OpenBSD, one of the most security hardened operating systems in the world, that allowed an attacker to remotely crash any machine running it just by connecting to it. It found a 16 year old vulnerability in FFmpeg, a video encoding library used by countless applications, in a line of code that automated testing tools had executed five million times without catching the problem. That detail matters: executing a line is not the same as reaching it with the one input that triggers the defect, and coverage counts only measure the former. It autonomously discovered and chained together multiple Linux kernel vulnerabilities to escalate from ordinary user access to complete control of a machine.
Logan Graham, who leads offensive cyber research at Anthropic, described the model’s ability to identify multiple undisclosed vulnerabilities, write exploit code, and then chain those exploits together into a coherent attack path, all without human intervention. Anthropic’s own system card noted that the model showed awareness it was being evaluated in roughly 29% of test transcripts, and in at least one instance appeared to intentionally underperform to look less suspicious.
This is not incremental improvement. This is a capability shift.
The Asymmetry Just Got Worse
Security has always been a game of asymmetry. The defender has to protect everything. The attacker only has to find one way in. For decades, the defender had one significant advantage: finding serious vulnerabilities required deep expertise, time, and patience. That advantage is eroding.
When the cost of discovering vulnerabilities drops to near zero and the speed increases by orders of magnitude, the math changes for every organization running custom software. The number of weaknesses in a system does not grow by 10% or 20%. It does not grow at all, because they were already there. What grows, dramatically, is the number that get found. Systems that were effectively secure through obscurity (nobody had the time or skill to find the flaw) are now exposed to a tool that does not get tired, does not lose track of patterns across a large code base, and can test permutations at a scale no human team can match.
From a CEO’s perspective, that creates an uncomfortable reality. Your security posture is no longer defined by how good your defenses are. It is defined by how fast you can find and fix the weaknesses that a Mythos class model could find in hours.
Who Owns the Security Decision?
Here is where the Ownership Gap shows up in a way most teams are not prepared for.
I have spent 25 years building and overseeing custom software for companies running financial systems, healthcare platforms, and internal tools that quietly operate entire organizations. In that world, every critical decision has a name attached to it. Someone owns the architecture decision. Someone owns the authentication model. Someone owns the data flow design. When something goes wrong, you can trace it back to a decision and a person.
AI disrupts that chain of ownership. When an engineer uses an AI tool to generate code, review a dependency, or suggest a fix, the decision still gets made, but the understanding behind the decision shifts. The engineer approved it, but did they fully understand it? Did they challenge it the way they would challenge a junior developer’s pull request? Or did they trust the output because it looked correct and passed the tests?
This is the Ownership Gap applied to security. The structural gap between having engineers and having delivery accountability does not disappear because the tools got smarter. It gets wider. Because now the tool is generating plausible solutions that look correct, pass surface level validation, and introduce blind spots that do not surface until the right conditions trigger them.
After 180+ conversations with CTOs on the podcast, I can tell you this pattern is already forming. Teams are generating more code in less time. Prototyping faster. Iterating more quickly. On the surface, that looks like progress. But when review processes do not evolve alongside development speed, you end up with more code and less understanding. More output and less ownership. That is the Backlog Illusion operating at the security layer: the backlog is shrinking, the ticket count looks healthy, but the actual security posture of the system is not advancing at the same rate.
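The pattern described above, a generated fix that looks correct and passes the tests it was checked against while carrying a blind spot, is easy to show concretely. The example below is added here to illustrate that point; it is not code from the original article or from any of the organizations it names. It assumes a hypothetical upload service with a root directory of /srv/uploads and a pair of constructed test cases of the kind a review usually stops at: one normal file name and one obvious traversal attempt. The first resolver passes both, yet accepts a sibling directory that merely shares the prefix; the hardened resolver does not.

```python
import posixpath

# Assumed upload root for this illustration (hypothetical service).
BASE = "/srv/uploads"

# Constructed test cases: the two inputs a generated fix is typically
# checked against. Both resolvers below pass these.
HAPPY_PATH_CASES = {
    "report.pdf": True,       # ordinary file inside the root
    "../etc/passwd": False,   # the obvious traversal attempt
}

# The input a reviewer with context should add: a sibling directory whose
# name starts with the root's name. Constructed for this example.
SIBLING_ESCAPE = "../uploads-old/db.sqlite"


def resolve_plausible(base, user_path):
    """Looks-correct version: normalise the path, then a prefix check.

    The check does not require a path separator after the base directory,
    so "/srv/uploads-old/..." passes as if it were under "/srv/uploads".
    """
    full = posixpath.normpath(posixpath.join(base, user_path))
    if full.startswith(base):
        return full
    return None


def resolve_hardened(base, user_path):
    """Hardened version: the resolved path must be the base itself or one
    of its descendants, which commonpath checks component by component."""
    full = posixpath.normpath(posixpath.join(base, user_path))
    if posixpath.commonpath([base, full]) == base:
        return full
    return None


def passes_happy_path(resolver):
    """True when the resolver agrees with every happy-path expectation."""
    return all(
        (resolver(BASE, path) is not None) == expected
        for path, expected in HAPPY_PATH_CASES.items()
    )


def review(resolver):
    """What a surface-level check sees versus what the adversarial input shows."""
    return {
        "happy_path": passes_happy_path(resolver),
        "sibling_escape": resolver(BASE, SIBLING_ESCAPE),
    }


if __name__ == "__main__":
    for name, resolver in (("plausible", resolve_plausible), ("hardened", resolve_hardened)):
        print(name, review(resolver))
```

Both resolvers report a green happy path; only the adversarial input separates them. On a real filesystem the hardened version still needs one more step, resolving symlinks with os.path.realpath before the comparison, because a link inside the root can point outside it. That is exactly the kind of condition a generated fix will not know about unless someone who understands the deployment adds it to the review.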
Context Is the Thing AI Cannot Own
A secure system is not a collection of well written functions. It is a network of decisions about how data flows, how users authenticate, how failures are handled, and how external systems are integrated. AI can assist with pieces of that analysis. It cannot own the full context.
It does not understand the specific regulatory environment a healthcare platform operates in. It does not know the financial implications of a failed transaction in a banking system. It does not know that the third party integration your team added last quarter introduced a dependency that your architecture was never designed to support. Those details are not optional. They are the system.
The emergence of Mythos class capabilities makes this distinction more urgent, not less. If AI can find vulnerabilities at this scale, it can also generate fixes at this scale. And the temptation to accept those fixes without full contextual review will be enormous, especially under the pressure of a newly discovered zero day that needs to be patched immediately.
Speed without discipline creates exposure. That has always been true. The difference now is that the speed is accelerating faster than most organizations’ discipline can keep up.
What This Actually Changes for Custom Software
Custom software still offers a significant advantage when it is done correctly. You control the architecture, the data model, and the security decisions. You are not constrained by the limitations of a generic platform. You can design systems that align with your specific risk profile and operational needs.
But that advantage only holds if you maintain ownership of the decisions being made. The moment you start outsourcing those decisions, whether to third party tools or AI systems, you weaken the very thing that makes custom software valuable.
What Project Glasswing signals is that we are entering a phase where assumptions will not hold up for long. Systems will be tested more aggressively. Vulnerabilities will be found more quickly. The margin for error will shrink. That does not mean the future is less secure. It means the standards are rising, and the organizations that meet those standards will be the ones that invested in discipline before they were forced to.
The path forward is not complicated to describe, even if it is hard to execute. You do not slow down innovation, but you do not abandon discipline either. You invest in stronger review processes. You make sure every critical decision has clear ownership. You treat AI as a tool that supports your team, not one that replaces their judgment. Most importantly, you accept that security is not a milestone you reach. It is an ongoing practice that has to evolve alongside the technology you are using and the technology being used against you.
Claude Mythos Preview is not something to panic about. It is something to take seriously. It is a reminder that the landscape just changed, and the companies who come out ahead will be the ones who were already building with the kind of discipline that this moment now demands.
_________________________________________________________________
Steve Taplin is the CEO of Sonatafy Technology, host of the Software Leaders Uncensored podcast (180+ episodes), and author of Fail Hard, Win Big. He writes about the decisions technology leaders actually face at thetechdilemma.com.