The mismatch between the capability and the response is where the real story lives.
From Basic Cyber Tasks to a Full Autonomous Cyberattack
For years, cybersecurity experts have been warning about the potential dangers of AI-powered cyberattacks. But until now, those warnings have been hypothetical. The UK’s AI Security Institute (AISI) has confirmed that Claude Mythos, an Anthropic model, has become the first AI to complete their cyber range end-to-end. This achievement marks a significant milestone in the development of AI-powered cyberattacks.
The range is a 32-step corporate network attack scenario that would take human experts 20 hours to complete. Claude Mythos accomplished this feat in a matter of hours, demonstrating its capability to chain together complex cyberattack steps without human intervention.
The Parallel with Self-Driving Cars
Self-driving cars give us the cleanest parallel to the development of AI in cybersecurity. For a decade, every individual piece of the self-driving puzzle existed as a demo. Lane-keeping worked. Adaptive cruise worked. Automated parking worked. But what didn’t exist was a model that could chain all of them into one uninterrupted ride. When Waymo’s first commercial robotaxi picked up a passenger in 2020, what changed wasn’t the individual capabilities. It was the threshold: chaining all of them into one uninterrupted ride. The same thing just happened in offensive cybersecurity.
The Development of AI in Cybersecurity
Each step of a network attack has been within reach of AI models for a while. Reconnaissance. Crafting payloads. Pivoting through a subnet. Covering tracks. But what didn’t exist was a model that could chain all 32 of those steps together without a human stepping in between. Claude Mythos did. In 2023, leading AI models struggled with basic cybersecurity tasks. Not sophisticated ones. Basic ones. Three years later, one of them drove the entire route.
AISI published the actual curve, and it is worth looking at directly. The red line is Mythos. GPT-4o sits near the bottom, completing around three steps before running out. Sonnet 4.5 gets to roughly 11. Opus 4.5 and the GPT-5 family cluster in the mid teens. Opus 4.6 pushes past 16. Mythos is the only line that clears the middle milestones: C2 reverse engineering, advanced persistence, infrastructure compromise, and eventually M9 — “Full network takeover.”
The Capabilities and Limitations of Claude Mythos
AISI is careful about the current scope. The capability applies to “small, weakly defended, and vulnerable systems” given network access. Think of it as the robotaxi that only works on mapped, sunny, well-marked urban grids. Hardened enterprise infrastructure with proper controls is still a different problem, the same way a snowy mountain pass is still a different problem for Waymo.
Why Does an Autonomous Cyberattack Change the Security Equation?
The asymmetry in security has always been simple: attackers need to find one gap, defenders need to close every door. AI doesn’t change that asymmetry. It changes the cost of running an attack. An automated system doesn’t need domain expertise to chain 32 steps. It doesn’t get tired halfway through. It doesn’t hesitate at unfamiliar territory. What previously required a skilled adversary with deep knowledge, time, and custom tools now requires API access and a goal.
The Dual-Use Nature of AI in Cybersecurity
The same model AISI tested on offense has been used defensively in Anthropic’s Project Glasswing to find thousands of zero-days in critical open-source infrastructure. Offense and defense, same capability, same model. The dual-use nature isn’t incidental. It’s structural. Whoever has the model has both sides.
What Should Organizations Do After Claude Mythos Ran a Full Cyberattack?
Patch your systems. Use MFA. Enable logging. AISI’s recommendations are correct. But they were correct before this evaluation too. That’s the part I keep returning to. The mismatch between the capability and the response is where the real story lives.
Conclusion
The achievement of Claude Mythos marks a significant milestone in the development of AI-powered cyberattacks. While the capability applies to “small, weakly defended, and vulnerable systems” given network access, the implications of this achievement are far-reaching. Organizations must take immediate action to secure their systems and infrastructure. The dual-use nature of AI in cybersecurity means that whoever has the model has both sides. The future of cybersecurity will be shaped by the development and deployment of AI models like Claude Mythos.
