惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

美团技术团队
P
Proofpoint News Feed
WordPress大学
WordPress大学
P
Proofpoint News Feed
宝玉的分享
宝玉的分享
腾讯CDC
罗磊的独立博客
P
Privacy International News Feed
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Latest news
Latest news
C
Cisco Blogs
Project Zero
Project Zero
Apple Machine Learning Research
Apple Machine Learning Research
The GitHub Blog
The GitHub Blog
博客园 - 叶小钗
Spread Privacy
Spread Privacy
博客园 - 三生石上(FineUI控件)
Blog — PlanetScale
Blog — PlanetScale
C
Check Point Blog
博客园 - 聂微东
D
Darknet – Hacking Tools, Hacker News & Cyber Security
T
Tenable Blog
Know Your Adversary
Know Your Adversary
Security Latest
Security Latest
T
The Blog of Author Tim Ferriss
云风的 BLOG
云风的 BLOG
L
Lohrmann on Cybersecurity
IT之家
IT之家
T
Tor Project blog
S
SegmentFault 最新的问题
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
月光博客
月光博客
L
LINUX DO - 热门话题
C
CERT Recently Published Vulnerability Notes
T
Threat Research - Cisco Blogs
A
Arctic Wolf
D
DataBreaches.Net
C
Cybersecurity and Infrastructure Security Agency CISA
博客园 - 【当耐特】
T
The Exploit Database - CXSecurity.com
T
Threatpost
Hacker News - Newest:
Hacker News - Newest: "LLM"
Scott Helme
Scott Helme
博客园 - 司徒正美
Vercel News
Vercel News
H
Help Net Security
N
News and Events Feed by Topic
MyScale Blog
MyScale Blog
Simon Willison's Weblog
Simon Willison's Weblog
P
Privacy & Cybersecurity Law Blog

Forbes - Innovation

Why Do Humans Have Fingerprints? Hint: It’s Not What You Think Booking.com Confirms Data Breach, Reservation PIN Codes Changed Why Major News Sites Are Blocking The Internet Archive’s Wayback Machine iPhone Fold Release Date: New Report Details Frustrating Apple News Comet Tracker: How To See Pan-STARRS And Three Planets On Wednesday NYT Mini Crossword Today: Tuesday, April 14 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Tuesday, April 14 (It’s A Little Unclear) Today’s Wordle #1760 Hints And Answer For Tuesday, April 14 Most Of The Microplastics In Urban Air Come From Tires Today’s Wordle #1759 Hints And Answer For Monday, April 13 NYT Mini Crossword Today: Monday, April 13 Hints And Answers NYT Pips Today: Hints, Answers And Walkthrough For Monday, April 13 The YC Chief Who Codes 10,000 Lines A Day Has A Simple Secret Samsung Expands One UI 8.5 Beta To More Galaxy Owners Why You Should Stop Using Your iPhone If It’s On This List Chamath Says Firms That Treat AI As A Strategy Hand Rivals Their Edge 3 Unexpected Habits Of Secure Couples, By A Psychologist The First Lamp That Folds Your Clothes Samsung’s Disappointing Price Update For Galaxy Phone Buyers 3 Subtle Signs Someone Is Falling In Love With You, By A Psychologist Do Mantis Shrimp See More Colors Than Humans? A Biologist Explains NYT Connections Answers Explained For Monday, April 13 (#1,037) NYT Connections Hints Today: Monday, April 13 Clues And Answers (#1,037) LEGO Luigi & Mach 8 (72050) Review: 2026’s Best Set Yet? Marc Andreessen Says AI Productivity Will Trigger A Hiring Boom 3D Printing Is The Ultimate Hack To Reduce Household Spending Apple iPhone Fold: Striking Design Revealed In Leaked Photos Apple Smart Glasses: New Leak Reveals A Major Design Twist To Beat Meta Tested: The AI Coming To The Rivian R2 Quordle Hints Today: Monday, April 13 Clues And Answers Companies And H-1B Employees Endure Immigration Waits At Consulates 3 Easy Ways To Turn Anxiety Into Sustained Focus, By A Psychologist Here’s The Most Affordable Humanoid Robot You Can Buy Now UFC 327 Results: 5 Biggest Takeaways From A Wild Night In Miami UFC 327 Results, Bonus Winners, Highlights And Reactions Dana White Announces Huge New Fight For UFC White House Today’s NYT Strands Hints, Spangram, Answers: Sunday, April 12 (Get Ready) Tesla ‘Model 2’ Rises From The Ashes Today’s Wordle #1758 Hints And Answer For Sunday, April 12 NYT Pips Today: Hints, Answers And Walkthrough For Sunday, April 12 Tyson Fury Vs. Arslanbek Mahkmudov Results: Highlights and Reaction NYT Mini Crossword Today: Sunday, April 12 Hints And Answers How Shadow AI Culture Is Destroying Your Business Venture Capital Funds That Market Like Startups Win More Deals Conor Benn Vs. Regis Prograis Results: Highlights and Reaction Samsung’s Disappointing Price Update For Galaxy Phone Buyers Artemis Reached The Moon. The Grid Can Reach The 21st Century A Biologist Explains How Archerfish Shoot Down Prey. Hint: Their Aim Rivals Human Throwing Is It Time For Apple To Forget About The MacBook Air NYT Connections Hints Today: Sunday, April 12 Clues And Answers (#1036) Trump’s 2027 Budget To Reshape U.S. Environmental And Energy Policy CDC Delays Reporting Of COVID-19 Vaccine Benefits—Here’s What To Know Oura Has Designed A Solution To A Big Smart Ring Problem Netflix’s Best New Show Has A Near-Perfect 95% Rotten Tomatoes Score Coachella 2026 Is Being Taken Over By Creator Streams Quordle Hints Today: Sunday, April 12 Clues And Answers This Startup Wants To Use AI To Help Digitize History How To Get The Best Shield In ‘Crimson Desert’ Microsoft Venom Attack Targets C-Suite Executives ‘Maul: Shadow Lord’ Sets Even More Star Wars Rotten Tomatoes Records 3 Ways Happy Couples Argue Differently, By A Psychologist Success For Leapmotor Might Have Negatives For Stellantis New Names Surface As Potential Rogue And Wonder Woman In The MCU And DCU 4 Reasons Artemis Mission Matters Even If You Think It Is Wasteful Fast ‘Crimson Desert’ Patch Adds New Moves, Shield Hiding And One Great Feature Why Do Humans Blush? An Evolutionary Biologist Explains The Signal We Can’t Control Apple iPhone Fold: Striking Design Revealed In Leaked Photos Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update iOS 26.4.1 Release: Crucial iPhone Feature Update Arrives, But No Security Fix Fury vs. Makhmudov Full Card, Ring Walk Times and How to Watch Can’t Stand Liquid Glass? This New Hidden iPhone Setting Is A Game-Changer Test-Driving The 2026 Changan Deepal S05: Italian Style Made In China NSA Warning—Reboot Your Internet Router Now Ways That Human-AI Collaboration Slides People Into ‘AI Brain Fry’ And Cognitive Downturns Stop Using These Networks—Google, NSA And TSA Warn NASA Changes Moon Plan: Landing Now Depends On SpaceX Or Blue Origin Samsung Expands One UI 8.5 Beta To More Galaxy Owners The Evolution Of Programmable Hardware At Xilinx NYT Mini Today: Saturday, April 11 Hints And Answers Today’s NYT Strands Hints, Spangram, Answers: Saturday, April 11 (You’re Putting Me On) Splashdown! NASA’s Artemis II Returns To Earth After Moon Mission Attention Is All You Need. The Human Kind Is Still The One That Counts Today’s Wordle #1757 Hints And Answer For Saturday, April 11 NYT Pips Today: Hints, Answers And Walkthrough For Saturday, April 11 Android Circuit: Galaxy S27 Pro Emerges, Honor 600 Pre-Order Offers, Pixel 11 Display Leaks Apple Loop: iPhone 18 Pro Leak, Urgent iOS Update, MacBook Neo Issues Morgan Stanley Has Mostly Positive Outlook On Tesla Robotaxi, FSD V15 Running Out Of AI Tokens Faster Than Ever? Here’s Why CoreWeave Shares Pop 13% After Anthropic Deal ‘Euphoria’ Season 3’s Rotten Tomatoes Score Crashes, Has Lost Key Player People Don’t Agree On What AI Can Do, But They Don’t Even Use The Same Product ‘Overwhelming’—Google Issues Gemini Update For Gmail Users NYT Connections Hints Today: Saturday, April 11 Clues And Answers (#1035) Quordle Hints Today: Saturday, April 11 Clues And Answers The Costly Dream Of Space-Based AI Infrastructure Can You See The Watcher In This ‘Daredevil: Born Again’ Shot? Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update You Just Watched The Backdoor Pilot For ‘The Pitt: Night Shift’ Are Nicotine Pouches Like Zyn And VELO Safe To Use? A Doctor Answers Human Resources (HR) Is The Key To AI Success Per WalkMe ( SAP)
Why AI 'Frontier Models' Are Changing Cyber Defense For Good
Ronan Lavelle · 2026-06-24 · via Forbes - Innovation

Ronan Lavelle, Founder & CEO of Validato.

getty

I'm the founder of offensive security firm Validato, and ​​having worked in the enterprise software and cybersecurity space for over 25 years, I believe we're about to witness a sea change in how we assess and manage cyber risk. The rapid evolution of specialized AI frontier models, like Anthropic's Claude Mythos, trained to identify software vulnerabilities, will fundamentally change the cybersecurity landscape as we know it.

Anthropic recently published its initial findings from Project Glasswing, an industry collaboration with 50 technology firms and enterprises, that showed that its Mythos preview was able to discover over 6,000 high or critical vulnerabilities that were previously undisclosed. Furthermore, Mythos was able to "chain" together vulnerabilities and demonstrate how they could be exploited—all within a fraction of the time that traditional vulnerability management programs take.

Furthermore, Anthropic has indicated that to respond to this, IT and information security teams will need to increase their vulnerability patching cadences, but even then, it's unlikely to be enough. This article explains how vulnerability management is changing and what organizations will need to do to adapt.

Vulnerability Management​

Vulnerability management has been the cornerstone of cybersecurity strategies for the last 10 to 15 years, but it's also one of the main causes of stress and burnout in security teams. This is because it can sometimes feel like a never-ending battle. Almost as soon as a list of vulnerabilities have been patched, new ones emerge. This is only going to get worse with Mythos-era frontier AI models.

​Ultimately, AI models, like Mythos, will lead to a world with fewer vulnerabilities, but in the short-to-medium term, there's likely to be what the U.K.'s National Cyber Security Centre (NCSC) calls a "patch wave" that threatens to overwhelm all but the largest and best resourced IT and security teams.

How To Best Prepare

The U.K.'s NCSC recommends that in addition to attempting to patch vulnerabilities, organizations should focus their attention on the external attack surface—externally visible assets and infrastructure that are often the initial compromise points in cyberattacks.​ There are a range of tools and services that organizations can use to assess their external attack surface risk and then monitor it for changes that might affect their risk posture. Where core services or data processing has been outsourced to third-party vendors, it's necessary to monitor their cyber risk profile as well.

​Anthropic reinforces the recommendations from the NCSC, but goes further, suggesting that in addition to increasing software patching cadence, organizations should look to restrict and harden system configurations, enforce multifactor authentication and maintain comprehensive logging for better detection and response.​​

At the time of writing, the U.S. government has restricted access to Anthropic's Mythos 5 and the newly launched Fable 5 models for all foreign nationals. This means that for non-U.S. organizations and citizens, access to these models will be prohibited. Therefore, non-U.S. software developers won't be able to use these AI models to identify vulnerabilities. For enterprise IT and security teams, I advise following CISA's guidance for identifying known exploited vulnerabilities that have a high likelihood of gaining control and focusing on patching those first.​

​Moving At The Speed Of AI

​While external attack surfaces and third-party cyber risk can be assessed manually, AI-powered vulnerability discovery and potential exploitation is going to move too fast for cyber defenders to not employ automation to help them.

​Some in the cybersecurity community say that you need to "fight AI with AI" in order to keep up with the rapidly changing threat landscape, but that's if cyber defenders try to detect and protect against every aspect of known attacks. The traditional focus on indicators of compromise (IoCs)—the digital fingerprints of an attacker, like the IP addresses and malware hashes that are used—was previously effective at detecting and blocking attacks. That can't be assumed in the future.

Cyber defenders were already exhausted keeping pace with everchanging IoCs and vulnerabilities—that's just set to get worse.​

Behavioral Cyber Defense

​What's needed is a change in defensive thinking from being reactive to proactive and from focusing on IoCs and vulnerabilities to adversarial behaviors.

Thankfully, there's an almost universally adopted framework that maps out adversary behaviors already, called MITRE ATT&CK. By aligning defenses according to MITRE ATT&CK techniques, defenders stand a better chance of detecting and preventing attacks in the future. The techniques revolve around hardening or restricting access to functionality that threat actors would otherwise have exploited. When Anthropic talks about system hardening and improving system log data fidelity, the best way to implement this is using the MITRE ATT&CK framework as your reference point.

Anthropic also recently released an analysis by its security team on cyber adversary groups that use LLMs to automate attacks. The interesting thing to note about this analysis was that the top 25 adversarial behaviors still map directly to the same ATT&CK techniques in Windows, Linux and Mac environments that more traditional human and bot-based attacks exploit. The good news for cyber defenders, therefore, is that for the time being, there's still scope to harden and restrict these system configurations to prevent LLMs, bots and humans from using them in your environment.

​Conclusion

​Since Claude Mythos was announced to the world earlier in 2026, other frontier AI models that are trained on discovering software vulnerabilities, from OpenAI, Google and others, are emerging.

The time required to scan, identify and potentially exploit vulnerabilities has shortened dramatically from weeks to days or hours with frontier AI models. IT and information security teams will need to prepare themselves to increase their vulnerability patching cadences, but also to look at alternative ways to protect their networks, assuming that more vulnerabilities will be exploited by threat actors.​​


Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?