Artificial intelligence is crossing another boundary. Instead of merely helping developers, it may soon begin to meaningfully strengthen hackers. Newly disclosed information about Anthropic’s latest model suggests that AI is becoming increasingly capable of identifying vulnerabilities and preparing sophisticated attacks. This is a serious threat, warns Jonathan Zanger, CTO of Check Point Software Technologies.
Leaked details about a new AI model being developed by Anthropic suggest that cybersecurity is entering a new and far more dangerous phase. The model in question is Claude Capybara, also known as Mythos — a system said to be far more capable at finding vulnerabilities, creating exploits and planning multi-stage attacks. According to experts, this is a sign that artificial intelligence is no longer just a support tool, but is beginning to genuinely accelerate cyberattacks.
According to the authors of the analysis, the problem does not concern only the most advanced hacking groups. Over time, such capabilities may also become available to less technically skilled cybercriminals, because AI lowers the barrier to carrying out complex attacks. This means that companies which until now assumed they were not targets for “top-tier” attackers may suddenly find themselves in the risk zone.
A second worrying trend is the automation of attacks on an industrial scale. If AI models become increasingly effective in agentic mode, criminals will gain the ability to scan systems, SaaS services and legacy infrastructure almost continuously in search of new weaknesses. Attacks will no longer be manual, time-consuming operations, but will begin to resemble an automated production line. There will be less improvisation and far more mass “manufacturing” of cyberattacks.
Experts warn that in such a world, the time between the discovery of a vulnerability and its exploitation may shrink to almost zero-day levels. For businesses, this means that standard security settings and slow patching processes may simply no longer be enough. Organizations with unpatched systems, weak network segmentation, accounts without MFA and outdated servers that have long remained outside the main focus of IT departments will be particularly exposed.
In practice, companies should already be reviewing their “first line of defense” — from firewalls and WAFs to endpoint and email protection. What matters is not only whether such tools are deployed, but whether they are actually prepared to defend against previously unknown threats. Equally important are the speed of patching and reducing the possibility of lateral movement across the network if a breach does occur.
The conclusion of the analysis seems straightforward. Regardless of whether an organization has implemented AI itself, its adversaries are already using it. Cyberwarfare is accelerating, and companies that fail to reassess their approach to security today may not be able to keep up tomorrow, says the Check Point expert.
