In roughly one month of testing under Project Glasswing, Anthropic's restricted frontier model Claude Mythos Preview has helped surface more than 10,000 security flaws across some of the most heavily defended software on earth — including products from Apple and Mozilla. That number, reported at the end of May 2026, is not a research curiosity. It is the clearest signal yet that the cost of finding a serious software vulnerability has collapsed, and that the imminent risk lands hardest on businesses with anything publicly exposed and not fully patched.

If you run a small or mid-sized business in Canada or the United States, the temptation is to file this under "big-tech problem." It is the opposite. The fact that even Apple and Firefox — companies with elite security teams and nine-figure security budgets — are turning up thousands of latent flaws tells you something uncomfortable about the software you run: your firewall, your VPN, your email server, your website's content management system, your accounting platform, your point-of-sale terminal. The same capability that found 10,000 flaws at the top of the market will eventually be pointed at the long tail, where most SMBs live.

This article is a plain-English briefing on the risk Mythos-class AI poses to your business right now — and the second-order risks that follow it, including new strains of malware and a coming wave of phishing and social engineering running at machine speed. It is the umbrella over incidents we have already covered: Mozilla's 423 Firefox fixes in April and the five-day Apple M5 kernel exploit. The 10,000 number is what those two stories look like when you stop counting incidents and start counting the trend.

What Claude Mythos Found in Its First Month

In approximately its first month of controlled testing, Claude Mythos Preview helped identify more than 10,000 security flaws across major vendors' software, with confirmed, high-volume results at companies including Apple and Mozilla. Mythos is not commercially available; Anthropic released it only to Project Glasswing, a closed consortium of operating-system vendors, browser makers, financial institutions, and government partners on both sides of the Canada–US border, so that defenders get a head start before similar capability reaches the open market or bad actors.

A few facts give the 10,000 number its weight:

  • The breadth is the story. This is not one product or one bug class. Mythos surfaced flaws across operating systems, browsers, and common business software — the same categories every business depends on daily.
  • The targets were hard. Mozilla shipped 423 Firefox security fixes in a single month, 271 of them found by Mythos — roughly 20 times its 2025 monthly average. A separate research team chained Mythos-assisted bugs into a working macOS kernel exploit on Apple M5 silicon in five days, defeating a hardware protection Apple spent years building.
  • The economics inverted. For 25 years, finding a high-severity flaw took a senior researcher days or weeks. That scarcity is what kept attacks expensive and disclosure timelines manageable. Mythos finds, validates, and reproduces flaws at machine scale — including bugs that survived decades of conventional testing.

This is the same dynamic we first flagged when Claude Opus 4.6 surfaced 500+ unknown vulnerabilities in open-source software. Mythos is that capability an order of magnitude further along, applied to the hardest targets in the industry — and then reported in a single, hard-to-ignore headline number.

Why Anything Publicly Exposed and Unpatched Is Now at Higher Risk

The most immediate risk is to internet-facing systems that are not current on patches. When vulnerability discovery runs at machine scale, the volume of known, fixable flaws in the software you already run goes up sharply — and any of those systems that is reachable from the public internet and behind on updates is now a more attractive, more findable target than it was a month ago. Discovery scaling does not just help defenders; it expands the public catalogue of things attackers can look for.

Most SMBs have more exposed surface than they think. The common culprits:

  • Edge devices: firewalls, VPN concentrators, routers, and remote-access gateways. These are internet-facing by definition and are historically slow to patch because an update can interrupt connectivity.
  • Web properties: your marketing site, customer portal, and especially WordPress and its plugins, where the vast majority of flaws live.
  • Email and collaboration servers that are reachable from anywhere.
  • Forgotten assets: a staging server, an old subdomain, a test box, a printer with a web interface — the things nobody owns in the asset inventory.

The defensive move is not new, but it is newly urgent: shrink what is exposed and keep what remains current. We walk through the mechanics in how to reduce your attack surface. The single highest-leverage question for your IT lead this week is simple: what of ours is reachable from the public internet, and is every one of those things fully patched? If nobody can answer that from data, that gap is the risk.

Why Patched Systems Are at Higher Risk Too

Being patched today does not buy the breathing room it used to, because new exploitable flaws are now being revealed faster than at any point in computing history — and the window between a fix being published and a working exploit existing has collapsed. Even a diligent business that patches on a reasonable cycle is exposed during the gap between when a flaw becomes known and when its own fleet is updated. Mythos-scale discovery widens the stream of flaws flowing into that gap.

Two clocks tell the story:

  • The discovery clock just sped up roughly 20-fold at the vendors who have Mythos access, which means more patches, more often, across more products.
  • The weaponization clock sped up too. The median time from a public CVE to a working exploit has fallen to roughly 10 hours. When a patch ships, the underlying flaw is disclosed — and attackers with AI assistance can reverse-engineer it into an exploit before most businesses have finished their change-control paperwork.

The practical consequence is that patch velocity — how fast you actually install fixes — now matters more than patch policy. A monthly or quarterly maintenance window was built for a world that produced about 21 browser fixes a month. It is not competitive with a world that can produce 423. Auto-update by default, a tight written SLA for high-severity items, and the automation to enforce it are the difference between a narrow exposure window and a standing invitation. Our guides to managing software updates and patching and why regular patching prevents vulnerabilities cover the how.

It Is Not Just Vulnerabilities: New Malware Strains and Phishing at Machine Speed

The vulnerability flood is only the first wave. The same AI capability that finds flaws can help write the malware that exploits them and the phishing that delivers it — which means businesses should expect more novel malware variants and far more convincing social engineering, produced faster and at lower cost. Most cyber incidents are still, at heart, confidence tricks: someone is fooled into clicking, paying, or handing over a credential. AI does not change that fundamental — it makes the tricks faster, cheaper, and harder to spot.

Three shifts are already visible and will accelerate:

  • New and self-modifying malware. AI lowers the skill floor for producing working malicious code and helps it mutate to evade signature-based detection. We covered what researchers actually found in how AI is making malware smarter. Expect more strains, faster, with shorter shelf lives for any single signature.
  • Phishing your team genuinely cannot spot. The grammar mistakes and awkward phrasing that used to give phishing away are gone. AI writes flawless, context-aware lures in any language, at scale — which is why employees can no longer reliably spot AI-powered phishing by eye, and why phishing-as-a-service platforms keep growing.
  • Speed compresses every defensive timeline. An attacker who can generate a fresh exploit, a fresh malware variant, and a fresh phishing campaign in hours rather than weeks gets far more attempts against you per month. Volume is its own threat.

The defensive implications are covered in our guide to defending against AI-powered cyberattacks. The short version: technical controls that do not depend on a human spotting the trick — phishing-resistant MFA, DNS filtering, endpoint detection — matter more than ever, because the human eye is no longer a reliable last line.

Why This Hits Businesses Big and Small

No one is exempt, but the burden is not evenly distributed. Apple and Mozilla have elite security teams and still turned up thousands of latent flaws — proof that scale and budget do not make software bug-free. The difference is that the giants can absorb the disclosure cadence with large, well-funded engineering and incident-response operations. Most SMBs cannot, which is why the gap between attacker speed and defender response is widening fastest at the small end of the market.

Two structural realities make SMBs the softer target:

  • Lower patch velocity. Where a large vendor ships fixes on a fixed clock, many SMBs still patch "when the MSP gets to it." In a 10-hour-exploit world, that lag is the exposure.
  • Less visibility. Big firms know what they expose and monitor it continuously. Many SMBs cannot produce a current list of internet-facing assets at all — and you cannot defend what you cannot see.

This is the same pattern documented in why cybercriminals are targeting small businesses in 2026, and it is reinforced every year by the Verizon Data Breach Investigations Report, which consistently shows businesses with fewer than 1,000 employees absorbing a disproportionate share of confirmed breaches. Mythos-scale discovery does not create that gap. It widens it.

What Canadian and US Business Leaders Should Do Now

None of the right responses are exotic, and none require a security team of your own. They are questions to put to your internal IT lead, your managed IT services provider, or your vCISO this quarter — and vague answers are themselves a finding.

  • What of ours is exposed to the internet, and is all of it fully patched? Ask for a current, data-backed list of internet-facing assets — including forgotten ones — and their patch state.
  • How fast do we actually patch high-severity flaws? Not the policy — the measured number. Target hours-to-days for internet-facing systems, not weeks.
  • Is auto-update on by default everywhere it safely can be? Browsers, operating systems, mobile devices, and most SaaS clients should update automatically. Manual approval should be the rare exception.
  • Do we have phishing-resistant MFA on every remote-access surface? See phishing-resistant authentication with hardware keys and passkeys. This is the control that most often stops an AI-written lure from becoming a breach.
  • Do we have detection, not just prevention? Endpoint detection and response (EDR) and managed detection (MDR) narrow the window when patching cannot move fast enough and when novel malware slips past signatures.
  • Are our key vendors on early-disclosure programs like Project Glasswing? You will not be a direct participant, but your OS, browser, identity provider, and core SaaS vendors should be on early-fix tracks. Ask.

The frameworks you are likely already measured against — Canada's CCCS Baseline Cyber Security Controls and Bill C-26, and the US NIST SP 800-171, CIS Controls v8, and FTC Safeguards Rule — all already require timely patching, asset inventory, and vulnerability management. None of them are wrong. They were simply written for a slower world. The gap is execution speed, not policy.

Practical Next Steps for the Next 30 Days

For leaders who want a short, defensible action list in response to the Mythos milestone:

  1. Get a written inventory of internet-facing assets. Firewalls, VPNs, web servers, email, remote-access gateways, and anything with a public IP or hostname. You cannot patch or retire what you have not listed.
  2. Retire or wall off what does not need to be exposed. Every service taken off the public internet is one Mythos-scale discovery cannot reach. Start with attack-surface reduction.
  3. Tighten your patch SLA and automate it. Many businesses we work with target 24–72 hours for internet-facing systems and seven days for end-user devices. Pick numbers, automate enforcement, and measure against the data.
  4. Put phishing-resistant MFA on every remote-access surface — email, VPN, admin consoles, and cloud apps.
  5. Validate EDR/MDR coverage across Windows, macOS, and servers, so novel malware and exploit activity is detected even before a patch exists.
  6. Refresh phishing awareness with the AI reality. Train staff that "it looked legitimate" is now the norm, not the exception, and that process — verifying payment changes out-of-band, for example — protects them where instinct no longer can.
  7. Run a 5-minute risk check. Our free quick security assessment covers the patching, exposure, identity, backup, and training basics that most Mythos-class flaws and AI-built attacks would still have to chain through to cause real harm.
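As an added example (not code from the article or any vendor), here is one way to turn step 3 into a measured number rather than a policy: it scores a constructed asset inventory against the 24-hour and 7-day SLA targets quoted above and flags exposed assets left open past the roughly 10-hour CVE-to-exploit window cited earlier. The exposure labels, the choice of the tight 24-hour end of the range, and every asset name and date are assumptions made for the example.

```python
from dataclasses import dataclass
from datetime import datetime
from statistics import median
from typing import Optional
# SLA targets from the article (24-72 h internet-facing, 7 days end-user); the 24 h pick is hypothetical.
SLA_HOURS = {"internet_facing": 24, "end_user": 7 * 24}
WEAPONIZATION_HOURS = 10  # median public-CVE-to-working-exploit time cited in the article

@dataclass
class PatchRecord:
    asset: str
    exposure: str                  # "internet_facing" or "end_user"
    fix_published: datetime        # vendor shipped the fix, so the flaw is now public
    installed: Optional[datetime]  # None means still unpatched

def exposure_hours(rec: PatchRecord, now: datetime) -> float:
    """Hours the flaw has been public while this asset ran the unpatched version."""
    return ((rec.installed or now) - rec.fix_published).total_seconds() / 3600

def assess(records, now):
    """Classify each asset against its SLA and flag exposed assets open past the exploit window."""
    findings = []
    for rec in records:
        hours = exposure_hours(rec, now)
        over_sla = hours > SLA_HOURS[rec.exposure]
        if rec.installed is None:
            status = "OVERDUE" if over_sla else "OPEN"
        else:
            status = "SLA_MISSED" if over_sla else "OK"
        # Unpatched, internet-facing, open longer than median weaponization time: treat as incident.
        likely_exploitable = (rec.installed is None and rec.exposure == "internet_facing"
                              and hours > WEAPONIZATION_HOURS)
        findings.append({"asset": rec.asset, "hours": round(hours, 1),
                         "status": status, "likely_exploitable": likely_exploitable})
    return findings

def patch_velocity_hours(records, now):
    """The measured number the article asks for: median hours from fix to install."""
    done = [exposure_hours(r, now) for r in records if r.installed is not None]
    return median(done) if done else None

# Constructed sample inventory (assets and dates are made up for this example).
NOW = datetime(2026, 5, 20, 12, 0)
SAMPLE = [
    PatchRecord("edge-fw-01", "internet_facing", datetime(2026, 5, 18, 0), datetime(2026, 5, 18, 9)),
    PatchRecord("vpn-gw", "internet_facing", datetime(2026, 5, 17, 0), None),
    PatchRecord("www-cms", "internet_facing", datetime(2026, 5, 15, 8), datetime(2026, 5, 17, 8)),
    PatchRecord("laptop-17", "end_user", datetime(2026, 5, 12, 0), datetime(2026, 5, 16, 0)),
    PatchRecord("laptop-22", "end_user", datetime(2026, 5, 14, 12), None),
]
```

Feeding the same records from a real patch-management export answers the "how fast do we actually patch" question with data instead of a policy document.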

The Durable Lesson

The 10,000 number is built to travel, but it is not the lesson. The lesson is that the cost of finding a serious flaw just fell off a cliff, the cost of weaponizing one fell with it, and the cost of being slow to patch or easy to fool rose just as sharply. Mythos itself is, for now, a defensive asset held by a small group of trusted partners — but the capability it represents will not stay scarce, and the attacks it foreshadows are not waiting for permission.

Businesses that already practice tight patching, attack-surface discipline, phishing-resistant identity, and real detection are mostly well-positioned to ride this out. The ones that have deferred those basics — because nothing has gone wrong yet — are the ones AI-accelerated discovery and AI-built attacks will find first. The window to close the gap is open now, while Mythos is still mostly on the defenders' side. That window is the one business leaders should use.


This article is intended for general informational purposes only and does not constitute professional security, legal, or compliance advice. Details about Claude Mythos Preview, Project Glasswing, and the volume of flaws attributed to them are based on public reporting and vendor disclosures available as of the date of publication and may evolve as more information is released. Organizations should consult qualified cybersecurity professionals before making operational changes based on this article.