Anthropic built the most powerful AI model ever documented. It can autonomously find zero-day vulnerabilities in every major operating system and every major web browser — not academic puzzles, real production code running on millions of machines. It found a 17-year-old remote code execution bug in FreeBSD that gives any attacker full root access.

Then Anthropic looked at what they’d built and said: no public release.

Instead, they handed it to Amazon, Apple, Broadcom, Cisco, Google, JPMorganChase, Microsoft, and NVIDIA. About 50 organizations total. The framing: this is “defensive use only.” They’re calling it Project Glasswing.

Here’s my reaction: I believe them. And I think it’s worse than it sounds.

The “too dangerous to release” story is real. Mythos isn’t being withheld as a PR stunt — it apparently autonomously discovers and exploits vulnerabilities that human security researchers have missed for nearly two decades. Releasing that to the public would be genuinely catastrophic.

But here’s the part nobody’s saying out loud.

The enterprises in Project Glasswing are now using Mythos to find and patch vulnerabilities in their software. Vulnerabilities that — until Mythos found them — nobody knew existed. The patches will roll out. The CVE numbers will be filed. And the world will quietly become more secure for users of their platforms.

Meanwhile, the rest of us are running on software that will never get that treatment.

This isn’t hypothetical. If you’ve been building with AI — and if you’re reading this, you probably have — your tools are almost certainly less secure than what a trained engineer would have written. Not because AI coding is bad. Because AI coding is fast, and fast means skipping the parts that are slow and unsexy. Security reviews are slow and unsexy.

I’ve built things with AI help. I’m honestly not sure how secure they are. And now I find out that the most capable model in history is actively scanning enterprise software for exactly this kind of hole — and I’m not in that program.

It’s uncomfortable to say. But it’s true.

This has been building for a while. I’ve watched Anthropic quietly raise the floor on what good AI costs. Token limits tightened. Pricing crept up. The models that actually matter — the ones that can do the work worth doing — keep drifting toward enterprise tiers that most solopreneurs can’t justify.

Mythos is just the moment the gap became undeniable.

There’s an older saying in tech: if you’re not paying for it, you’re the product. We all internalized that.

But something’s shifting that I can’t fully articulate yet — and I’m going to write a whole separate piece on it. The short version: a lot of us are paying for it now … And I’m not sure we’re not still the product.

I don’t have a clean resolution to any of this. I don’t think there is one yet.

But I think the worst thing you can do right now is pretend it isn’t happening.

What to actually do about it (the honest version)

I asked myself what advice I’d give a solopreneur who read this and felt the same uncomfortable recognition I did. Here’s where I landed — not a perfect fix, but an honest playbook for the current reality.

1. Audit what you’ve built with AI before Mythos-adjacent tools do it for you.