The machines found the bugs — now nobody can fix them fast enough
Three stories from the past 24 hours point to the same uncomfortable truth: AI can now find software vulnerabilities far faster than humans can patch them, and both attackers and defenders now discover bugs at machine speed while remediation still moves at human speed. Anthropic's Project Glasswing update reports over 10,000 critical flaws discovered in a single month, with open-source maintainers asking Anthropic to slow down disclosures because they cannot keep up. Meanwhile, Google confirms the first documented case of criminals using AI to build a zero-day exploit, and Aikido's research shows that a deleted Google API key can keep working for up to 23 minutes, a window Google has declined to close. The security equilibrium that held when humans found bugs at human speed is breaking apart.
Anthropic's Mythos finds over 10,000 critical vulnerabilities in one month — and the patches can't keep up

Ten thousand bugs in thirty days. That's what Anthropic's Project Glasswing update reports Claude Mythos Preview found across 50 partner organisations in its first month of operation, with independent reviewers confirming a 90.6% true-positive rate. The number itself is staggering, but the real story is what happened next: open-source maintainers asked Anthropic to slow down. They couldn't patch fast enough to keep up with the disclosures.
We've spent years worrying about whether AI could find zero-days. Turns out the harder problem is what happens when it does.
The asymmetry
The security industry has always been an arms race, but the pace used to be governed by a shared constraint: human cognition. Attackers and defenders both worked at roughly human speed. That constraint is gone. On the offensive side, Google's Threat Intelligence Group confirmed the first documented case of criminals using an AI model to develop a zero-day exploit, a Python script that bypasses two-factor authentication on a widely used web admin tool. Google says neither Gemini nor Mythos was involved, but the exploit was machine-generated. On the defensive side, Security Affairs reports the average remediation time for a high-severity CVE now sits at 74 days. Attackers are exploiting disclosed flaws within 36 hours.
Seventy-four days versus thirty-six hours. That isn't a gap. It's a structural failure dressed up as a metric.
The parallel from economics is Goodhart's Law: when a measure becomes a target, it ceases to be a good measure. For years, the security industry measured itself by vulnerabilities discovered and disclosed. AI has now pushed that number far past what maintainers can absorb, and the metric that was supposed to track progress has become a liability. More disclosures, at this volume, don't make software safer. They make it more exposed, because a disclosed flaw that is still waiting on a patch is a roadmap for everyone who reads the advisory, and attackers are acting on disclosures within hours.
What makes this worse is that the friction is asymmetric. Attackers face no procurement cycle, no compliance review, no change-management board. They download a model and go. Defenders have to vet the AI tools before deploying them, coordinate with maintainers who may be a single volunteer, and navigate disclosure timelines designed for a world where bugs arrived at human tempo. The way I see it, the defenders aren't losing on capability. They're losing on bureaucracy.
And then there's the detail that ties the whole picture together. Aikido Security published research showing that deleted Google API keys remain usable for up to 23 minutes after revocation, with a median delay of 16 minutes across ten controlled trials. Attackers can exfiltrate Gemini files and cached conversation data during that window. Google's newer credential formats revoke in about five seconds, which means the company knows how to close this gap and has chosen not to. Google marked Aikido's report as "Won't Fix (Infeasible)" and called the behaviour "working as intended."
Twenty-three minutes is an eternity in a world where exploits are machine-generated and attackers move in hours. This isn't a technical constraint. It's a prioritisation choice at a company that is simultaneously warning the world about AI-powered threats. The practical lesson for anyone rotating a leaked key is that the delete call returning does not mean the key is dead: treat revocation as the start of the exposure window, move consumers onto the new key before revoking the old one, and consider the rotation finished only once the old key has actually been observed to fail.
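One way to make key rotation robust to a revocation lag like the one described above: issue the new key, move consumers, revoke the old one, then poll until the old key is actually rejected and record how long that took. This is an added example, not code from the article, Anthropic, Google or Aikido. The HTTP probe, its URL and the x-goog-api-key header name are assumptions, and the real backend is replaced by a constructed service whose deletes take effect only after a configurable lag so the whole thing runs offline; the 16-minute default lag in simulate() mirrors the median Aikido reported.

```python
# Added example (not code from the article, Google or Aikido): rotate an API key
# and measure how long the revoked key keeps working. The probe URL/header and
# the simulated backend are assumptions and constructed stand-ins.
import time
import urllib.error
import urllib.request
from typing import Callable, Dict, Optional, Tuple

def http_probe(url: str, api_key: str, header: str = "x-goog-api-key") -> bool:
    """Hypothetical probe: True while `url` still accepts `api_key`. Only 401/403
    mean 'revoked'; any other failure is re-raised, never read as revocation."""
    req = urllib.request.Request(url, headers={header: api_key})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return 200 <= resp.status < 300
    except urllib.error.HTTPError as err:
        if err.code in (401, 403):
            return False
        raise

def measure_revocation_window(
    still_accepted: Callable[[], bool],
    interval: float = 5.0,
    timeout: float = 1800.0,
    clock: Callable[[], float] = time.monotonic,
    sleep: Callable[[float], None] = time.sleep,
) -> Optional[float]:
    """Poll until the credential is rejected. Returns seconds from the first
    probe to the first rejection, or None if the key outlived `timeout`.
    `clock` and `sleep` are injectable so the loop runs against a fake clock."""
    start = clock()
    while True:
        if not still_accepted():
            return clock() - start
        if clock() - start >= timeout:
            return None
        sleep(interval)

def rotate_and_verify(
    issue_new: Callable[[], str],
    switch_consumers: Callable[[str], None],
    revoke: Callable[[str], None],
    probe: Callable[[str], bool],
    old_key: str,
    **measure_kwargs,
) -> Tuple[str, Optional[float]]:
    """Issue -> switch consumers -> revoke old -> verify. Rotation counts as done
    only when the old key is seen to fail; None means it was still live at timeout."""
    new_key = issue_new()
    switch_consumers(new_key)
    revoke(old_key)
    window = measure_revocation_window(lambda: probe(old_key), **measure_kwargs)
    return new_key, window

class FakeClock:
    """Deterministic clock so the simulation runs instantly and offline."""
    def __init__(self) -> None:
        self.t = 0.0
    def now(self) -> float:
        return self.t
    def sleep(self, seconds: float) -> None:
        self.t += seconds

class LaggyKeyService:
    """Constructed stand-in for a backend whose deletes are eventually
    consistent: a deleted key keeps authenticating for `lag` seconds."""
    def __init__(self, clock: Callable[[], float], lag: float) -> None:
        self.clock, self.lag, self.counter = clock, lag, 0
        self.revoked_at: Dict[str, Optional[float]] = {}  # key -> deletion time
    def issue(self) -> str:
        self.counter += 1
        key = f"key-{self.counter}"
        self.revoked_at[key] = None
        return key
    def revoke(self, key: str) -> None:
        self.revoked_at[key] = self.clock()
    def accepts(self, key: str) -> bool:
        if key not in self.revoked_at:
            return False
        when = self.revoked_at[key]
        return when is None or self.clock() - when < self.lag

def simulate(lag_seconds: float = 16 * 60, interval: float = 30.0,
             timeout: float = 1800.0) -> Tuple[str, Optional[float]]:
    """Rotate against the simulated backend; the default 16-minute lag mirrors
    the median Aikido reported. Returns (new key, observed window in seconds)."""
    clock = FakeClock()
    svc = LaggyKeyService(clock.now, lag_seconds)
    old = svc.issue()
    return rotate_and_verify(svc.issue, lambda key: None, svc.revoke, svc.accepts, old,
                             interval=interval, timeout=timeout,
                             clock=clock.now, sleep=clock.sleep)

if __name__ == "__main__":
    key, window = simulate()
    print(f"rotated to {key}; old key stayed usable for {window} s after deletion")
```

Against a real service you would pass `lambda k: http_probe(URL, k)` as the probe and leave `clock` and `sleep` at their defaults; the None return is the important branch, because it is the case where your runbook says "rotated" but the old key is still authenticating and the incident is not closed.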
The uncomfortable conclusion for anyone building products right now: the security equilibrium that held when humans found bugs at human speed is breaking apart, and the replacement equilibrium hasn't formed yet. AI-powered discovery without AI-powered remediation doesn't reduce risk. It redistributes it, from the attacker's effort to the defender's backlog.
If your product depends on open-source libraries maintained by small teams, the 74-day remediation window is your window too. The machines found the bugs. The question is who patches them first.
Read the original on anthropic.com