European and national cyber authorities are warning that AI is rapidly increasing the speed and scale of vulnerability discovery and exploit development, raising the prospect of a sustained remediation crisis. The European Central Bank told about 110 major banks to assess AI-enabled cyber threats and submit action plans by October 31, 2026, while the European Systemic Risk Board and European Supervisory Authorities issued parallel warnings on systemic risk from frontier AI models. In France, ANSSI Director General Vincent Strubel told senators that AI-assisted discovery could create a multi-year "patch wall", overwhelming remediation teams even as basic controls such as network segmentation, identity and access management, and timely patching remain the most effective defenses.
Industry reporting and vendor disclosures show why regulators are escalating. Mozilla said frontier AI models helped identify 271 vulnerabilities fixed in Firefox 150 after an earlier run found 22 security-sensitive bugs, while researchers and commentators say LLM-assisted patch diffing can shrink the path from a disclosed CVE to a working proof of concept to days or even hours, including for flaws such as CVE-2025-32433 in Erlang/OTP SSH. At the same time, access controls around advanced cyber-capable models are tightening unevenly: Anthropic expanded its restricted Project Glasswing program for Claude Mythos to critical-infrastructure organizations, but open-weight alternatives such as Zhipu AI's GLM-5.2 are reported to deliver competitive vulnerability-finding performance at lower cost, reinforcing concerns that powerful offensive-relevant capability is spreading faster than most enterprises can patch.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
7 events from the most recent confirmed update back to the earliest known activity.
Also on 2026-07-07, the European Systemic Risk Board issued a formal warning about systemic cyber risks from frontier AI models. The European Supervisory Authorities backed the warning the same day.
On 2026-07-07, the European Central Bank sent a supervisory letter to the chief executives of about 110 significant institutions it directly supervises. The letter warned that AI-enabled cyber threats are accelerating ICT risk and ordered banks to submit action plans by 2026-10-31.
In early June 2026, Anthropic reportedly extended Project Glasswing access to around 150 additional organizations in more than 15 countries. The expansion included entities in energy, water, healthcare, communications, and hardware, subject to internal security requirements.
Anthropic introduced Claude Mythos Preview in April 2026 as a restricted-access cyber model rather than a broadly released product. The company kept access limited because it considered the model's advanced cyber capabilities to pose meaningful misuse risk.
Zhipu AI released the open-weight GLM-5.2 model on 2026-06-13. The model was described as competitive with Anthropic's restricted Claude Mythos on some cybersecurity tasks, particularly software vulnerability detection.
Mozilla said an early evaluation of Claude Mythos Preview identified 271 vulnerabilities that were fixed in Firefox 150. Mozilla argued this showed AI-assisted code reasoning can find bugs at a level comparable to elite human researchers.
Mozilla said an earlier effort using Anthropic's Opus 4.6 led to fixes for 22 security-sensitive bugs in Firefox 148. The company presented this as an early example of frontier AI helping identify latent browser vulnerabilities.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
7 references tracked. Mallory keeps watching after this page renders.
risky.biz
Open sourcezdnet.fr
Open sourcepostquantum.com
Open sourcecodeby.net
Open sourcecyberaccord.com
Open sourceresearch.hisolutions.com
Open sourceblog.mozilla.org
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.