New Zealand's cyber watchdog says it is learning from the US companies who are testing superhacking AI models that have sent US banks rushing to plug holes, and sparked briefings with the Department of Homeland Security.

Heavyweight cyber security firm Palo Alto Networks said its tests on the AI model Claude Mythos found it could detect and exploit years-old software flaws so fast and effectively that the company last week issued a couple of dozen security alerts in a single day, when it usually issues only five or so a month.

The National Cyber Security Centre (NCSC) in New Zealand has warned to get ready for "a significant increase in vulnerabilities and incidents".

"The NCSC recognises the risks and opportunities presented by these new tools and is responding with a number of related workstreams," it told RNZ.

It recently briefed 300 local cybersecurity specialists about so-called 'frontier' AI models.

In April, Mythos's creator Anthropic set up what it called Project Glasswing to release the model to a small group of companies and agencies, including the Pentagon, to test if it could threaten systems behind critical infrastructure by exploiting the likes of 'zero-day' vulnerabilities - so-called because they have existed undetected in code from when software was released, leaving developers 'zero days' to prepare a fix.

Some of this small group are outside the US, but New Zealand's NCSC is not in it.

"The NCSC is not part of Glasswing but we are talking regularly with a range of partners and vendors, including some who are involved with Glasswing, so that we can understand the landscape and provide meaningful advice and guidance on the implications of frontier AI," it told RNZ.

The NCSC said it was engaging with tech companies including developers of frontier models and companies that have had access to preview models like Mythos.

Other frontier models being tested in the US include Claude Opus 4.7 and OpenAI's GPT-5.5-Cyber.

Anthropic said Mythos's hacking abilities just emerged - they were not designed-in - and warned the fallout across economies, public safety and national security could be "severe" if the tool were to fall into the wrong hands.

Critics have said this might just all be marketing hype. Other reports suggested the small group's testing was showing Mythos was expert at chaining together lower-risk vulnerabilities - "daisy-chaining" it is called - into a high-risk vulnerability.

Analysts have said Mythos is of a type of new AI that feels different because it is capable of setting loose its own long-running agents that don't need constant human steering.

On 12 May, Reuters reported that US banks were "rushing to plug cyber holes" flagged by Mythos.

The New York Times said China, foreseeing a threat, had asked for access to Mythos but been denied.

Two days later, cybersecurity news website Nextgov said Anthropic executives had given a live demo to a closed-door briefing of a US Homeland Security Committee.

And on 20 May, https://www.politico.com/news/2026/05/20/nsa-cyber-command-ai-task-force-mythos-00930786 Politico reported] that the Pentagon was racing to weaponise frontier models - ironic as it had been freezing Anthropic out in a dispute over weaponising AI. "The initiative ... underscores the Pentagon's concerns about the sudden emergence of private sector-built AI models that can unearth security flaws in digital systems faster than the world's best hackers," Politico said.

The group that has been allowed access to Mythos includes AWS, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, Palo Alto Networks, and the Linux Foundation.

Vulnerabilities and mitigants

New Zealand's NCSC sits within the Government Communications Security Bureau (GCSB) spy agency.

It told RNZ that as frontier models improve, "they will change the cyber threat landscape for organisations because of the ability for malicious actors to find and exploit vulnerabilities at unprecedented speed and scale".

Its UK counterpart - also known as the National Cyber Security Centre - told organisations there to prepare for a "vulnerability patch wave".

"Organisations must act now to prepare for a wave of patches that will address decades of technical debt," it said, warning that AI was "showing the ability to exploit this technical debt at scale and at pace across the technology ecosystem. As a result, the NCSC [UK] expect there will be a 'forced correction' to address this technical debt across all types of software, including open source, commercial, proprietary and software as a service."

Anthropic said the big threats existed in this patch-up transition phase, and that long-term advanced models would benefit defenders more.

New Zealand's NCSC echoed that, saying in the medium to long term, frontier AI "offers the promise of more secure software code from the outset and a better software development lifecycle."

It added it was engaged with critical infrastructure providers, tech firms and international government partners to drive resilience and preparedness, and had several times put out guidance.

In summary, the advice to organisations is to:

• Patch frequently
• Reduce the "attack surface" and apply defence in depth
• Review the vulnerability management policies of software and system supply chains.
• Frequently monitor for potential compromise.

"These are all standard practices, but organisations need to do them more quickly and more consistently," the NCSC said.

The 'patch wave' would not be business as usual.

"As a result of frontier AI products we anticipate organisations need to prepare for a significant increase in vulnerabilities and incidents. We've already started delivering advice to help organisations prepare."

Sign up for Ngā Pitopito Kōrero, a daily newsletter curated by our editors and delivered straight to your inbox every weekday.