MONITOR BUGS

“In cybersecurity, we always talk about the awful things, the ransomware outbreaks and hacks and things like that. But occasionally, we do something right collectively. And Y2K was an example of when the world knew about a problem and worked really hard and averted disaster. The Y2K lesson is to take threats seriously as early as possible.”

“We only want to release it to a select group of entities. So they picked about 50 corporations and organizations and said, take a look at this, see what you can do with it. The idea is that access to mythos could give those companies a head start against bugmageddon, allowing them to find the holes in their systems and patch them before hackers get their hands on mythos.”

“Eight years ago, the average time between a bug being found and a hacker using that bug in a cyber attack was 847 days. So a bug would be disclosed, two years would go by, and then it would start getting exploited on average. Now it's like within a day. It's not rocket science, but it takes time for a human to do it. You have to have a certain level of expertise. AI has absorbed all of that.”

“Hacking is very asymmetrical. If you are the hacker, you just have to find one way in to your target. You do something and it doesn't work, like no big deal, you know, you can try again. If you're a defender and you try to defend something and it doesn't work, you're hacked.”

“We're rolling out all kinds of AI-created software and AI systems and agentic systems and things like that, and people are going to start hacking all of that. So that actually might be a bigger worry than all these bugs in existing software that AI is finding. That's really the thing that I would kind of worry about is like, what is the unexpected consequence of all of these systems rolling out?”

“We only want to release it to a select group of entities. So they picked about 50 corporations and organizations and said, take a look at this, see what you can do with it. The idea is that access to mythos could give those companies a head start against bugmageddon, allowing them to find the holes in their systems and patch them before hackers get their hands on mythos.”

“Eight years ago, the average time between a bug being found and a hacker using that bug in a cyber attack was 847 days. So a bug would be disclosed, two years would go by, and then it would start getting exploited on average. Now it's like within a day. It's not rocket science, but it takes time for a human to do it. You have to have a certain level of expertise. AI has absorbed all of that.”

“AI models are getting very good at finding security vulnerabilities. The amount of bugs that are being found right now is skyrocketing, and people are freaking out because of that. Mythos has become the poster child for a phenomenon that people in the cybersecurity industry have been talking about for months... the geeks call it the vulnerability Armageddon, but here at The Journal, we call it the bugmageddon.”

“They said, find us some bugs, and it found this bug. A guy named Niels Provos had written some code in 1998 and he made a mistake. Nobody noticed that mistake for over 27 years until Mythos took a shot at it. The bug Mythos found could have caused a serious problem, and it had sat there undetected by humans for nearly 30 years.”

“In cybersecurity, we always talk about the awful things, the ransomware outbreaks and hacks and things like that. But occasionally, we do something right collectively. And Y2K was an example of when the world knew about a problem and worked really hard and averted disaster. The Y2K lesson is to take threats seriously as early as possible.”

“They said, find us some bugs, and it found this bug. A guy named Niels Provos had written some code in 1998 and he made a mistake. Nobody noticed that mistake for over 27 years until Mythos took a shot at it. The bug Mythos found could have caused a serious problem, and it had sat there undetected by humans for nearly 30 years.”

“We're rolling out all kinds of AI-created software and AI systems and agentic systems and things like that, and people are going to start hacking all of that. So that actually might be a bigger worry than all these bugs in existing software that AI is finding. That's really the thing that I would kind of worry about is like, what is the unexpected consequence of all of these systems rolling out?”

“AI models are getting very good at finding security vulnerabilities. The amount of bugs that are being found right now is skyrocketing, and people are freaking out because of that. Mythos has become the poster child for a phenomenon that people in the cybersecurity industry have been talking about for months... the geeks call it the vulnerability Armageddon, but here at The Journal, we call it the bugmageddon.”

“Hacking is very asymmetrical. If you are the hacker, you just have to find one way in to your target. You do something and it doesn't work, like no big deal, you know, you can try again. If you're a defender and you try to defend something and it doesn't work, you're hacked.”