Zero-Day Vulnerabilities and AI: Are You Ready?

This document represents the personal perspective of Mehdi Talei, a cybersecurity professional, based on current knowledge and publicly available information. It is not intended to be definitive, legally binding, or to represent the official position of any vendor, organization, or institution.

Mehdi Talei
On-demand CISO

What are vulnerability scanners?

They are tools that identify vulnerabilities in systems. They are normally installed in an environment, where they sweep the systems, compare what they find against their vulnerability database, and flag any vulnerability present in the environment.

There are different types of scanners: some are installed internally, and some can scan both internal and external exposures.

What is Claude Mythos Preview?

Mythos Preview is a new tool from Anthropic, the company that developed Claude. Mythos Preview is capable of identifying and then exploiting zero-day vulnerabilities in every major operating system and every major web browser when directed by a user to do so. The vulnerabilities it finds are often subtle and difficult to detect.

One of the advantages of Mythos Preview is that a person with less knowledge of cybersecurity can also use it to find and exploit sophisticated vulnerabilities.

It is worth mentioning that Mythos Preview is not yet available to the public; it has been used by some of the biggest tech companies to test and discover vulnerabilities in their environments.

Vulnerability discovery and zero-days

Zero-day vulnerabilities are flaws that were not previously known to exist: they are unknown to the vendors and there is no patch to remediate them.

Several organisations around the world contribute to vulnerability research, disclosure, cataloguing and prioritization, such as CISA KEV, cve.org, NVD, CERT, EPSS, etc.

They use different methods to find out about the vulnerabilities:

  • Manual code review (Human-Driven Analysis) ;
  • Fuzzing (Automated Input Mutation) ;
  • Static Analysis (Automated Code Inspection) ;
  • Dynamic Analysis & Runtime Monitoring ;
  • Binary Analysis & Reverse Engineering ;
  • Large‑Scale Internet Scanning & Telemetry ;
  • Incident Response & Threat Intelligence Feedback ;
  • Coordinated Vulnerability Disclosure (CVD) ;
  • AI‑Assisted Vulnerability Discovery.

Did you say AI? Yes, AI. It has been used in recent years to find vulnerabilities, and its use is becoming more and more popular.

Claude Mythos builds upon existing vulnerability discovery methods. It uses one of the best and most efficient AI platforms in the world, to the point that even people with less expertise can use it to find vulnerabilities… and possibly exploit them as well.

Don’t get me wrong: the point is not to underestimate the huge effort that has been put in. The point is that for us, the defenders, this represents an evolution of the threat landscape, requiring heightened vigilance but not a fundamental change in security principles.

What shall we do?

  • Keep a close eye on the evolution of Claude Mythos Preview. We can take advantage of this technology to defend ourselves in a better way. We need to learn about every piece of it ;
  • Get to know your inventory (hardware & software)… 100% of your inventory, not 95%. Why? Because if you don’t know your inventory, you won’t know the existing vulnerabilities in your environment ;
  • If you are able to enable automatic updates, please do so ;
  • Put in place a vulnerability management program (I insist on the word “program”, because it is normally bigger and more complex than a “project”) ;
  • If you are not able to remediate a vulnerability, make sure to have a compensating control in place ;
  • Make sure to receive alerts on the latest and greatest updates ;
  • Reduce your exposure surface ;
    • Make sure your services are not exposed to the Internet if they are not supposed to be ;
    • Verify access rights to make sure the least privilege principle is being respected ;
    • Protect & monitor your high privileged accounts ;
    • Make sure to enable MFA everywhere, and configure it properly ;
  • Make sure to have a healthy backup. If you ever get hit despite all those measures, at least you can bring the business back up and running in a short period of time ;
    • Don’t forget to test your backups. An untested backup is the same as having no backup ;
  • Last but not least, and as a matter of fact the most important point: make sure to have monitoring in place. If one of your vulnerabilities is being exploited by a malicious actor, an efficient monitoring process may allow you to reduce the damage.
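To make the inventory, exposure and compensating-control points above concrete, here is an added example (not part of the original article) that measures inventory coverage and ranks findings for remediation. The host names, software names, advisory IDs and scoring weights are constructed assumptions; the `known_exploited` and `epss` fields stand in for a KEV-style flag and an EPSS-style score.

```python
from dataclasses import dataclass

@dataclass
class Asset:
    host: str
    software: str
    version: str
    internet_exposed: bool = False
    compensating_control: bool = False

# Constructed sample data: placeholder hosts and advisory IDs, not real ones.
INVENTORY = [
    Asset("web-01", "examplehttpd", "2.4.1", internet_exposed=True),
    Asset("db-01", "exampledb", "11.2", compensating_control=True),
    Asset("hr-01", "examplehttpd", "2.4.9"),
]
# Hosts actually seen on the network (for example from scanner sweeps).
OBSERVED_HOSTS = {"web-01", "db-01", "hr-01", "printer-07"}
ADVISORIES = [
    {"id": "CVE-PLACEHOLDER-0001", "software": "examplehttpd",
     "fixed_in": "2.4.5", "known_exploited": True, "epss": 0.92},
    {"id": "CVE-PLACEHOLDER-0002", "software": "exampledb",
     "fixed_in": "11.4", "known_exploited": False, "epss": 0.10},
]

def vtuple(version):
    """Turn '2.4.1' into (2, 4, 1) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))

def inventory_gaps(inventory, observed):
    """Hosts on the network that the inventory does not know about."""
    return sorted(observed - {a.host for a in inventory})

def coverage(inventory, observed):
    """Fraction of observed hosts that appear in the inventory."""
    return 1 - len(inventory_gaps(inventory, observed)) / len(observed)

def findings(inventory, advisories):
    """Match assets to advisories and rank them, highest priority first."""
    out = []
    for a in inventory:
        for adv in advisories:
            if a.software == adv["software"] and vtuple(a.version) < vtuple(adv["fixed_in"]):
                # Illustrative weights (assumption): exploited in the wild and
                # Internet exposure raise priority; a compensating control lowers it.
                score = (adv["epss"] + 1.0 * adv["known_exploited"]
                         + 0.5 * a.internet_exposed - 0.25 * a.compensating_control)
                out.append((round(score, 2), a.host, adv["id"]))
    return sorted(out, reverse=True)

if __name__ == "__main__":
    print("uninventoried hosts:", inventory_gaps(INVENTORY, OBSERVED_HOSTS))
    print("coverage: %.0f%%" % (100 * coverage(INVENTORY, OBSERVED_HOSTS)))
    for row in findings(INVENTORY, ADVISORIES):
        print(row)
```

The uninventoried host never appears in the findings at all, which is why the coverage figure has to be checked before the ranked list is trusted.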

Conclusion

Anthropic’s Mythos Preview is not the first AI-assisted cybersecurity tool, and it won’t be the last; we are just at the beginning of this journey.

AI‑assisted security research such as Mythos Preview highlights how vulnerability discovery may accelerate, reinforcing the importance of strong vulnerability management, visibility, and monitoring rather than introducing entirely new security fundamentals. Therefore, it is essential to continue respecting and applying the basic principles of cybersecurity to protect your organization and its environment.
