Software Engineering Daily – Data
SED News: Anthropic’s Mythos, Supply Chain Hacks, and the AI Spending Surge
Why It Matters
Understanding how AI can both expose hidden software flaws and become a weapon underscores the urgency for robust security practices across the industry. As AI investments accelerate, the episode highlights why companies must prioritize secure‑by‑default designs and careful governance of powerful models to protect critical infrastructure.
Key Takeaways
- Anthropic's Mythos can auto‑discover legacy system vulnerabilities.
- Model released only to major tech and finance firms.
- Context.ai breach exploited OAuth tokens, compromising Vercel.
- Companies still lack secure‑by‑default configurations.
- AI spending spikes as firms race to secure infrastructure.
Pulse Analysis
Anthropic unveiled Mythos, a security-focused large model that autonomously finds unknown flaws in operating systems and browsers, even surfacing a 27-year-old OpenBSD bug. Access is limited to select tech giants and financial firms—Amazon, Apple, Microsoft, JPMorgan Chase—under the "Glass Wing" program, allowing early patches before malicious exploitation. S. government the same capability, raising concerns about transparency, control, and a potential AI-driven cyber arms race and could reshape vulnerability management across industries.
The Context.ai breach shows how malware disguised as Roblox cheats can steal OAuth tokens and cascade into high-value environments. Attackers used stolen credentials to breach a Vercel employee's Google Workspace, then moved into Vercel's internal systems, prompting a massive credential-rotation effort. This incident highlights a persistent industry failure to adopt secure-by-default settings such as encrypted environment variables and mandatory two-factor authentication, often postponed as non-revenue features until a breach forces costly remediation. Such lapses also erode customer trust and regulatory compliance. AI spending remains strong as enterprises invest in protecting and scaling AI workloads.
Conferences like Cloud Next and IBM Think showcase demand for turnkey solutions that combine rapid model deployment with hardened infrastructure. Open-source projects such as Stream's Vision Agents and commercial tools from GuardSquare offer sub-500-ms latency and multi-layer code hardening, easing the operational load of building secure multimodal agents. Continued investment in both innovative AI capabilities and robust defenses will determine which firms stay ahead in the evolving cyber-risk landscape. These trends signal that security will be a core component of AI budgeting decisions.
Episode Description
SED News is a monthly podcast from Software Engineering Daily where hosts Gregor Vand and Sean Falconer unpack the biggest stories shaping software engineering, Silicon Valley, and the broader tech industry. In this episode, they cover Anthropic’s controversial “Mythos” security model and what it means for vulnerability discovery at scale. They also discuss recent layoffs