Mythos found 10,000 bugs. We patched 75.
Mythos found 10,000 critical bugs in a month. We patched 75. Discovery was never the bottleneck. We just built the wrong half of the system.

I read the Project Glasswing update over coffee this morning and the number everyone is quoting is wrong.
10,000 high or critical-severity vulnerabilities in a month. That is the line getting pulled into headlines, vendor blog posts, leak tracker tweets about a “claude-mythos-1-preview” string showing up in Claude Code. Anthropic’s frontier security model, the one they said they would not release, is now being prepared for general availability inside Claude Code and Claude Security. The chatter is loud.
The number that should actually scare you is 75. That is how many of the 530 high or critical bugs Anthropic has disclosed to open-source maintainers have actually been patched. Not pull-requested. Patched.
The math is brutal once you sit with it. Mythos finds bugs at machine speed. Humans fix them at human speed. Anthropic is the one saying this, plainly, in their own update: “the bottleneck in fixing bugs like these is the human capacity to triage, report, and design and deploy patches.” Some maintainers have asked Anthropic to slow down disclosures. That sentence should stop you cold.
The dominant industry framing right now is that Mythos changed the math on vulnerability discovery. Every security vendor with a marketing budget is racing to publish a “post-Mythos readiness” guide. ArmorCode shipped a 90-day blueprint. Every CISO LinkedIn post this month is about the “vulnerability tsunami.” It is a useful term for selling platforms. It is the wrong frame for what is actually happening.
What is actually happening is this: Mythos solved the easy half of security. Finding the bug. That was the half we already had decent tooling for. SAST, DAST, fuzzers, bug bounties, security researchers. Mythos is dramatically better than all of them, sure. The point is, finding things was never the bottleneck for any mature security program. Any CISO with a half-decent scanner stack was already drowning in findings before Mythos existed.
The hard half is everything after. Reproducing the bug. Confirming it is real and not a hallucinated false positive (Mythos has those: the post-triage true-positive rate is 90.6%, which sounds great until you realize it means almost 1 in 10 of the carefully assessed findings are still noise). Routing the finding to the human who owns the code. That human deciding whether it is reachable in their production path. Writing the patch. Getting the patch reviewed. Shipping the patch. Convincing every downstream user to install it.
For a single open-source library, that pipeline takes weeks at best. For a kernel-level CVE, it can take months. Anthropic’s own data: average two weeks per high or critical bug, and that is only the patches that have landed. There are 827 confirmed vulnerabilities still queued for disclosure. The patch dashboard exists because the drop-off at every stage is steep enough to need its own dashboard.
The honest counter to my take is that Mythos is a real defender’s gift. wolfSSL; Firefox 150, which patched 271 vulnerabilities in one cycle; Cloudflare, with 2,000 bugs caught before adversaries got there. These are not small wins. The critical infrastructure of the internet is genuinely getting harder to break, today, because of this work. I am not waving that away. Anthropic’s restraint in not releasing Mythos publicly, partnering with 50 critical software vendors first, building Claude Security to help the rest of the industry catch up, all of that is the right call. If you want the safety case, the Glasswing post makes it well. I think it is honest.
But the defender’s gift only matters for as long as it stays a defender’s gift. Anthropic’s own estimate is six to eighteen months before comparable capabilities show up at other labs, with or without safeguards. The window is finite and shrinking. Inside that window, the only question that matters is whether the human pipeline that comes after discovery can ship patches faster than offence can weaponize the same class of model against unpatched code in the wild.
Right now? Not even close. The maintainer of a critical open-source library is one volunteer who got an email from Anthropic last week and needs to design a fix on top of their day job. There is no shortcut for that. No dashboard fixes it. No agentic AI fixes it. The bottleneck is the human, and the human is already maxed.
So here is what I actually want builders to take from this moment. Stop optimizing for finding more bugs. The next ten thousand vulnerabilities are already on the way and there is nothing useful left to prove about machine-scale discovery. The interesting work is the boring middle. Faster reproduction harnesses. Patch generation that actually compiles and passes the existing test suite. Better signal-to-noise in maintainer inboxes so they can triage in minutes instead of days. Coordinated disclosure infrastructure that can absorb the volume without burning out the volunteers holding the whole stack up.
Anthropic is doing some of this. The Claude Security tool, the OpenSSF partnership, the open-sourced threat model builder, all real. None of it is enough yet.
The real story of Mythos 1 Preview is not that AI got better at hacking. It is that we built the wrong half of the system, and now we have a deadline to build the other half before the asymmetry flips.
Discovery is the easy part. Always was. We just did not notice until a model finally proved it.
