June 5, 2026

NZ sits outside the early-warning system for the biggest cybersecurity shift in history


The machine that out-hacks humans

Claude Mythos, Anthropic’s agentic AI model built for cyber offence testing, found over 10,000 high and critical vulnerabilities in its first month of controlled deployment. Only 97 were patched. Palo Alto Networks issued roughly two dozen security alerts in a single day after running Mythos tests, against a normal rate of about five per month. Cloudflare found 2,000 bugs, 400 rated high or critical. Mozilla fixed 271 vulnerabilities in Firefox 150 that earlier AI models had completely missed.

This is not a lab exercise. These are production environments at some of the world’s largest technology companies, and the AI found flaws that decades of human code review never caught.

The UK’s National Cyber Security Centre tested a related model on a 32-step enterprise network attack estimated to take a human expert 14 hours. The AI completed over half the steps at a cost of around £65 per attempt. The UK NCSC’s conclusion was blunt: defenders should assume that at least some attackers already have access to capable AI tools.

NZ learns about threats after everyone else

Anthropic runs these tests through Project Glasswing, a controlled programme whose partners include AWS, Apple, Cisco, Cloudflare, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, and the Linux Foundation. No New Zealand government agency. No New Zealand company. No New Zealand critical infrastructure operator.

New Zealand’s NCSC confirmed it is talking regularly with partners and vendors involved in Glasswing but is not itself part of the programme. The distinction matters. Glasswing partners get advance warning and time to patch before vulnerabilities become public. Everyone else, including every New Zealand organisation, gets exposure during that gap.

Mike Maddison, chief executive of NCC Group, called the Mythos announcement a notable inflection point that suggests a step-change in the cyber risk landscape. His assessment is specific: “We have seen clear evidence that AI can identify, chain and exploit zero-day vulnerabilities across major operating systems and browsers”. Maddison argues this undermines two assumptions: that decades-old code is safe simply because nobody has found its flaws yet, and that periodic patch cycles are still sufficient.

Starting from the bottom of the Five Eyes

This capability shift is hitting a country that already has poor foundations. New Zealand ranks 49th on the National Cyber Security Index, the lowest of the Five Eyes partners, and sits in the third tier of the Global Cybersecurity Index while allies occupy the first. New Zealanders lose more than $1.6 billion annually to cybercrime. Among 295 large businesses surveyed, 59% reported a cyber incident in the past year.

The NCSC briefed 300 local cybersecurity specialists in May and published formal guidance in April warning that frontier AI models are likely to change the threat landscape by increasing malicious actors’ ability to discover and exploit vulnerabilities at greater speed and scale. The recommended response is essentially to patch faster, reduce attack surface, review supply chain vulnerability management, and monitor for compromise. Standard practices, the NCSC acknowledges, but ones that organisations need to do more quickly and more consistently.

Regulation is coming whether you’re ready or not

The government’s Cyber Security Strategy 2026-2030 is consulting on designating approximately 200 entities as critical infrastructure across communications, defence, energy, finance, health, transport, and water. Designation would carry formal security obligations. Cabinet papers also flag potential tightening of the Privacy Act, including a civil pecuniary penalty regime and a new offence for viewing or disseminating illegally obtained personal data.

For any business in or adjacent to those sectors, the compliance question has shifted. It is no longer whether you get breached, but whether you can demonstrate to a regulator, a board, or an insurer that your security posture was defensible. Maddison notes chief executives are already being pressed on legacy code exposure and how to explain defensibility.

The gap that won’t close itself

The uncomfortable reality is structural. New Zealand is not going to get a seat at Glasswing. It does not have the market weight or the institutional heft. That means every vulnerability discovered by frontier AI models will be known to major US tech firms and their government partners before it reaches New Zealand’s defenders. The NCSC can talk to Glasswing partners, but talking is not the same as being inside the room when the zero-days drop.

Businesses that treat cybersecurity as an annual compliance checkbox are now betting that AI-powered attackers will wait politely while they catch up. That bet looks worse every month.
