.svg?width=185&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Home"){kind=logo}
.svg?width=13&quality=80&auto=webp&format=auto&cache=true&immutable=true&cache-control=max-age%3D31536000 "Top Navigation - Sign in - Icon")
Last week, Thomas Ptacek published a piece arguing that vulnerability research is cooked. His thesis: AI agents are about to drown us in a steady stream of validated, exploitable, high-severity vulnerabilities, faster than anyone can patch them. But from where I sit, the more urgent question isn't whether the flood is coming, but whether the infrastructure we depend on can absorb it.
Anthropic's Claude Mythos Preview has already discovered thousands of zero-day vulnerabilities across every major operating system and web browser, with a 72.4% exploit development success rate. Some of these flaws had been hiding in plain sight for decades. This fundamentally changes the economics of vulnerability exploitation.
We recently let OpenClaw loose on one of our own legacy internal networks as a red-team exercise. Using pre-Mythos frontier models with custom skills our team built in-house, the agent compressed our Active Directory reconnaissance phase from three days to three hours and produced 23 actionable findings — including critical escalation paths to Domain Admin — all from a single unprivileged account. The detailed, structured audit trail it generated meant our detection teams could begin validating coverage almost immediately, collapsing a handoff that normally takes weeks.
If that's what current models can do, with careful orchestration, consider what happens when the next generation of AI is pointed at your perimeter by someone who isn't on your side.
We've seen this before
At Sophos, we know what can happen when motivated adversaries get a reliable supply of edge-device zero-days, because we lived it.
Our Pacific Rim investigation documented a five-year campaign by multiple interlinked Chinese state-backed threat groups, including clusters overlapping with Volt Typhoon, APT31, and APT41, systematically targeting perimeter devices. They exploited vulnerabilities in firewalls, VPN concentrators, and other edge infrastructure to compromise critical targets: nuclear energy suppliers, military hospitals, government ministries.
What made Pacific Rim so instructive wasn't just the sophistication of the attacks. It was what enabled them. As our CEO Joe Levy described it, digital detritus was the engine of the whole campaign: an immense but nearly invisible mass of end-of-life, unpatched, and forgotten network devices sitting at the perimeter of thousands of organisations. These devices were effectively permanent footholds, because nobody was updating them.
Now imagine that attack surface, but with adversaries armed with AI that can generate working exploits in hours rather than weeks.
The math is breaking
Our 2026 Active Adversary Report highlights the trajectory. Exploitation of vulnerabilities accounted for 16% of initial access across the 661 cases we investigated, and brute-force attacks are drawing almost level at 15.6%. Median attacker dwell time is now just three days. The window between vulnerability disclosure and active exploitation has been compressing for years.
AI-generated exploit development doesn't just compress that window further, it threatens to eliminate it entirely. When a model can read a patch diff and produce a working exploit before most organisations have begun their change-control process, traditional patch cycles become a liability, not a defence.
Ptacek frames this well: we've bought time with sandboxing and attack-surface restriction, but layered systems of sandboxes, kernels, hypervisors, and IPC schemes are essentially iterated versions of the same problem. Each layer is another target for an AI that won’t get tired or bored.
What actually works
I'm not writing this to sound the alarm and walk away. The Pacific Rim experience taught us concrete lessons about what holds up under sustained pressure from well-resourced adversaries, and those lessons are directly applicable to this new era.
Vendors must own the patching problem. During Pacific Rim, we observed that the devices most vulnerable to exploitation were those whose vendors had no mechanism for rapid, transparent updates. At Sophos, we built a hotfix capability that pushes critical patches over the air without requiring a firmware upgrade or reboot. Today, 99.41% of our customers' firewalls receive these hotfixes automatically. With Sophos Firewall v22, we introduced automatic firmware update scheduling and an extensive architecture redesign, containerising the control plane to reduce both the likelihood and the blast radius of RCE vulnerabilities.
We don’t need theoretical Secure by Design, we need receipts.
Transparency builds the trust that enables speed. Our Cybersecurity Trust Reality 2026 study found that only 5% of organisations have full trust in their cybersecurity vendors. That should concern every CISO, because trust is what allows you to accept a vendor's automatic hotfix at 2am without convening an emergency CAB. The most crucial drivers of trust are verifiable artefacts of security maturity: bug bounty programmes, transparent advisories, third-party certifications. The second is how vendors communicate during incidents. These are operational prerequisites.
Active defence is a team sport. Lawfare's analysis of Pacific Rim described it as corporate norm entrepreneurship, and that framing is apt. We deployed kernel-level telemetry to attacker-controlled devices. We collaborated with law enforcement to seize C2 infrastructure. The Pacific Rim timeline demonstrates what's possible when a vendor treats its deployed estate as something it has a duty to protect, not just a product it has shipped.
Advice for today
This isn't a future problem; the vulnerability economics have already shifted, and most organisations aren't moving fast enough. Here's where I'd focus right now:
Turbocharge your patching process. If you're still running monthly patch cycles for internet-facing infrastructure, you're operating on borrowed time. Treat perimeter device patching like incident response: measure time-to-patch in hours, not weeks. For devices that support automatic hotfixing, make sure it's enabled. For those that don't, you need a fast-track process that bypasses your normal change window when a critical vulnerability drops.
Confront your end-of-life problem. This is the digital detritus lesson from Pacific Rim. End-of-life devices that no longer receive security updates — like legacy Sophos XG firewalls that predate our hotfix architecture — mean permanent exposure. No amount of compensating controls will match the speed at which AI can now generate exploits for known, unpatched vulnerabilities. If you have EOL devices at your perimeter, replacing them isn't a budget conversation anymore. It's a risk acceptance decision that belongs at board level.
Demand more from your vendors. Ask them directly: can you push an emergency patch to my device without me having to schedule downtime? What's your median time from vulnerability disclosure to hotfix deployment? Do you have an active bug bounty programme? If they can't answer those questions clearly, factor that into your risk calculus. Our Trust Reality research shows you're not alone in finding this hard — but it's never been more important.
Assume the perimeter will be tested. With AI lowering the barrier to exploit development, the question isn't whether your edge devices will face zero-day exploitation attempts. It's when. Ensure you have detection and response coverage that extends to your network perimeter, not just your endpoints. And make sure your incident response plan accounts for compromised edge infrastructure as a realistic scenario.
The bigger picture
The Mythos moment isn't about AI replacing human security researchers, though it may well reshape that profession. The real risk is the growing discrepancy between the velocities of vulnerability discovery and patch deployment. Our OpenClaw experiment showed what a well-orchestrated current-generation model can achieve on offence. Mythos takes that several orders of magnitude further.
We can't control the pace of AI-driven vulnerability discovery, but we can control how fast we respond: how we build products, how transparently we operate, and whether we treat patching as a feature or an afterthought.
The flood is coming. The question is whether you’re building levees, or relying on sandbags.