A leading-edge AI research facility has decided that its most powerful model is too dangerous to release. The model—internally referred to as Mythos—independently uncovered thousands of zero-day vulnerabilities across all major operating systems and browsers, including defects that experts had missed for decades. A Google DeepMind researcher who participated in the assessment said he’d discovered more bugs in a few weeks than over the rest of his career combined.
Another model enhanced its capacity to generate functional Firefox exploits by about ninetyfold compared with its predecessor.
This is not hype. It represents an explosive leap in capability that the U.S. government is now racing to address before adversaries can match it.
The Trump administration understands, at least in part, what it is facing. American AI laboratories currently hold a meaningful lead in capability over China, Russia, North Korea, and Iran—call that window nine months, probably less. The working hypothesis: we can leverage this lead to identify and patch the vulnerabilities Mythos-class systems reveal before hostile actors can develop something close enough to weaponize. It’s a sensible instinct.
The challenge lies in execution.
Patching the U.S. infrastructure is not as straightforward as pushing out a software update. The American economy relies on bespoke applications, legacy platforms, and network dependencies that were never designed for rapid remediation. A patch that takes two weeks to reach a major bank might take two years to reach a regional hospital or a water utility. The federal government can move with genuine urgency and still see thousands of exposed nodes slip through the cracks. That isn’t a failure of will. It’s the structural reality of a decentralized digital economy that was never built for coordinated cyber defense at speed.
The patching effort, even when executed well, will be incomplete by the time the window closes. Some of those vulnerabilities will remain open. Some will be in systems that truly matter.
Credit goes to the administration for treating this with the seriousness it warrants. The vice president and a small circle of senior officials are moving aggressively to coordinate the federal response, demanding timelines from agencies, bringing industry into the process, and cutting through the usual interagency inertia. That is welcome, and it matters. In the short term, it may be the single biggest reason we have a real chance to gain meaningful ground before the window shuts.
But high-level leadership from the top cannot substitute for institutional capacity. A patching effort spanning years—and a deterrence posture that must endure across administrations—requires a permanent home. The Cybersecurity and Infrastructure Security Agency, or CISA, was created in 2018 to perform exactly this kind of work: coordinate vulnerability responses across federal networks and critical infrastructure sectors, and serve as the government’s main liaison with American industry on cyber defense. The administration has signaled it is unhappy with the CISA it inherited—staff depleted, no confirmed director, mission drift far beyond its original charter. Fine. Abolish it, reshape it, replace it—the institution isn’t the point. The point is that someone in the federal government must permanently own the relationship with American industry on vulnerability identification, prioritization, and remediation: setting timelines, tracking compliance, and publicly naming the sectors falling behind. Call it the Trump National Cyber Dominance Center. Brand it as politics demand. But stand it up, fund it, and hold it to outcomes—not process. The vice president’s sprint buys us the next few months. A dedicated entity is what carries the effort beyond them.
Here’s the harsher truth the administration must confront.
Believing the window for global adversaries to be nine months away is likely optimistic. As these models circulate—via research papers, benchmarks, commercial APIs, and inevitable leaks—the faster adversaries can distill their capabilities without building them from scratch. China, Russia, and North Korea aren’t waiting for Mythos. They’re extracting what’s already available from other AI models and running their own programs in parallel. American AI labs are among the world’s most valuable intelligence targets right now. We are assuming we can finish patching before the window closes—and that assumption requires adversaries to slow down more than they probably will.
Thus the administration must pursue two parallel tracks simultaneously. Not one after the other.
The first track is hardening the nation’s networks. Do it. Allocate the resources. Make it real.
The second track is deterrence. Because we may not be able to deny adversaries a capable offensive AI tool, we must impose a genuine fear of use. That requires a clear American cyber doctrine that we have historically avoided. We should articulate plainly that governments are accountable for attacks launched from within their borders or on their infrastructure, regardless of whether they claim the attackers are independent criminals. We should declare that assaults on American critical infrastructure—electricity, water, finance, defense—are acts of aggression that will provoke a response across the full spectrum of American capability. And we must mean it.
The common objection is that ambiguity preserves flexibility. That was reasonable when threats were incremental. It is not reasonable in a world where a hostile state or proxy can autonomously identify and exploit thousands of vulnerabilities across American infrastructure — compromising personal data, disrupting financial transactions, halting fuel flows, or even disabling power grids. In that world, refusing to draw clear red lines isn’t strategic patience. It’s an invitation.
The new American cyber doctrine should be straightforward enough to quote and credible enough to believe: Cyber is not a domain without consequences. Strike American infrastructure, and you will face an American response—and it will not be limited to cyber.
Mythos marks a threshold moment—not because a single model can collapse the internet, but because AI-enabled offensive cyber capability has shifted from theory to operation. What Anthropic built today, others will approximate tomorrow. The administration has rightly recognized the urgency. What it needs now is a patching effort that does not assume the window remains open, a government entity that can actually execute, and a deterrence posture credible enough to alter the calculus of every actor who edges toward this capability.
The storm is not coming. Its clouds are already overhead—and they are darkening swiftly.
