Making security understandable

April 2026

While We Argue About AI Zero-Days, Attackers Are Walking Through the Front Door

Anthropic recently restricted its most capable model, Mythos, to vetted security research organisations through a programme called Project Glasswing. The model is reportedly capable of finding deeply rooted zero-day vulnerabilities in production software. The security community has spent the past week debating whether this is responsible, terrifying, or both.

It is an interesting research question. It is not the thing that is going to compromise your business this quarter.

What Practitioners Actually See

The most useful commentary on Glasswing came not from AI researchers but from penetration testers.

JVO, who has spent a decade legally breaking into hundreds of organisations including governments, put it bluntly: "the amount of times I required a 0day to do so was exactly 0 times." His analogy: "like living in Europe and being worried about Northrop Grumman having lethal space lasers while you're more likely to get stabbed by a crazy person walking through the streets."

He followed up with a point worth sitting with: "while watching Mythos find these deeply rooted 0days is pure art, rarely do 0days themselves become the deciding factor in being able to compromise the systems we all rely on daily... you can do just as much damage without a 0day by exploiting more general attack paths whether that be exploiting identity, APIs, or cloud."

Dave Kennedy, whose career in offensive security goes back further than most, added the wider frame: "cybersecurity isn't just software bugs albeit an important part. Misconfigurations, user phishing, weak credentials, implementation failures, and a whole lot more. Most breaches do not occur from a zero day."

These are people who compromise organisations for a living. They are telling you that the attack paths which actually work are boring. Identity. Cloud misconfigurations. Weak credentials. Exposed management interfaces. Missing patches on edge devices.

What APT28 Actually Used This Week

The same week the security community was debating Glasswing, the NCSC published an advisory about APT28 (Russian military intelligence, GRU Unit 26165) compromising routers to hijack DNS settings. The technique lets them intercept login credentials, OAuth tokens, and email access for every device on the network.

The vulnerability they used? CVE-2023-50224, on a TP-Link WR841N. A consumer router. A known vulnerability with a CVE dating from 2023. Not a zero-day. Not even close.

The campaign has been running since 2024. It works because the routers are unpatched, running default credentials, with management interfaces exposed to the internet. The same basic hygiene failures that practitioners have been talking about for years.

Russian military intelligence, with the resources of a nation-state behind them, chose to exploit a known vulnerability on a consumer router rather than burn a zero-day. That tells you everything about where the real attack surface is.

The Gap Between Fear and Reality

There is a pattern here. Every few months, the security conversation shifts to a new existential concern, from AI-generated malware to autonomous exploitation agents to models that find zero-days faster than humans. These are real research problems worth studying. They are not what is compromising organisations today.

The Verizon Data Breach Investigations Report has been telling the same story for years. Stolen credentials, phishing, misconfiguration, and unpatched known vulnerabilities account for the overwhelming majority of breaches. Zero-days appear in a small fraction of incidents, typically in targeted campaigns against high-value intelligence targets, not against the SME down the road.

The risk for most organisations is not that an AI will discover a novel vulnerability in their software. The risk is that their router has not been patched since it was installed, their cloud storage bucket has public read access, their admin portal uses single-factor authentication, and nobody is watching any of it.

Why This Matters for How You Spend

The Glasswing discourse has a practical consequence: it distorts how organisations think about security investment.

If the threat is AI-discovered zero-days, the answer feels like it should be expensive and advanced, and probably involve buying an AI of your own. That framing benefits vendors selling next-generation threat detection platforms. It does not benefit your actual security posture.

If the threat is the attack paths that actually get used (identity, misconfiguration, unpatched edge devices, exposed APIs), the answer is different. It is less exciting, but it works:

Know what you have. You cannot patch what you do not know about. An asset register that covers your routers, cloud services, and external-facing infrastructure is the foundation. Most organisations do not have one.

Patch your edges. Not just endpoints. Routers, firewalls, access points, IoT devices. The things at the boundary that most patch management programmes miss. APT28 did not go after servers. They went after TP-Link routers.

Know your patch state. Not "we think everything is patched" but evidence. Which devices, which firmware versions, when last updated. The difference between a policy and a control.

Watch for configuration changes. The APT28 DNS hijacking worked because nobody was monitoring the router's DNS settings. A baseline and an alert would have caught it.

Close the identity gaps. Multi-factor authentication on every external-facing service. Not just email. Admin portals, VPNs, cloud consoles, API dashboards.
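One way to turn the asset-register, patch-state and configuration-change points above into a control rather than a policy, as an added example that is not from the article or from ThreatControl: a small Python audit that compares fresh edge-device snapshots against an approved baseline and alerts on DNS drift, stale firmware and an internet-facing management interface. Device names, addresses, firmware strings and dates are constructed sample data; the approved resolvers and the 90-day patch window are assumed policy values.

```python
from datetime import date

# Resolvers the organisation approved; constructed addresses from the RFC 5737 test ranges.
APPROVED_DNS = {"192.0.2.53", "192.0.2.54"}
PATCH_WINDOW_DAYS = 90  # assumed policy: edge firmware must be updated within this window

# Constructed baseline: each edge device as it was when approved (not a real inventory).
BASELINE = {
    "branch-router-01": {"model": "TP-Link WR841N", "dns": {"192.0.2.53", "192.0.2.54"}},
    "hq-firewall-02": {"model": "sample-firewall", "dns": {"192.0.2.53"}},
}

# Constructed snapshots as a poller would report them; branch-router-01 shows the hijack
# pattern from the advisory: one resolver swapped, admin UI on the WAN, stale firmware.
SNAPSHOTS = {
    "branch-router-01": {"dns": {"192.0.2.53", "198.51.100.9"}, "firmware": "sample-fw-1.0",
                         "last_updated": date(2024, 6, 1), "wan_mgmt": True},
    "hq-firewall-02": {"dns": {"192.0.2.53"}, "firmware": "sample-fw-3.2",
                       "last_updated": date(2026, 3, 20), "wan_mgmt": False},
    "unknown-ap-07": {"dns": {"192.0.2.53"}, "firmware": "?",
                      "last_updated": date(2026, 1, 1), "wan_mgmt": False},
}

def audit_device(name: str, snap: dict, today: date) -> list[str]:
    """Return finding codes for one device; an empty list means it matches baseline."""
    base = BASELINE.get(name)
    if base is None:
        # You cannot patch what you do not know about.
        return ["UNKNOWN_DEVICE"]
    findings = []
    # DNS hijack indicator: resolvers drifted from baseline or include an unapproved server.
    if snap["dns"] != base["dns"] or not snap["dns"] <= APPROVED_DNS:
        findings.append("DNS_CHANGED")
    # Patch state as evidence: how long since this firmware was last updated.
    if (today - snap["last_updated"]).days > PATCH_WINDOW_DAYS:
        findings.append("STALE_FIRMWARE")
    # Management plane reachable from the internet.
    if snap["wan_mgmt"]:
        findings.append("WAN_MGMT_EXPOSED")
    return findings

def audit_all(today: date = date(2026, 4, 15)) -> dict[str, list[str]]:
    """Audit every snapshot and return only devices with findings, ready to alert on."""
    results = {n: audit_device(n, s, today) for n, s in SNAPSHOTS.items()}
    return {n: f for n, f in results.items() if f}

if __name__ == "__main__":
    for name, findings in audit_all().items():
        print(f"ALERT {name}: {', '.join(findings)}")
```

Pointing the snapshot collector at real devices (via SNMP, SSH or the vendor API) and running this on a schedule gives the "baseline and an alert" the article describes, with the findings doubling as patch-state evidence.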

None of this is novel. But it is more likely to prevent a breach than worrying about whether an AI can find a zero-day in your code.

The Boring Stuff Works

Glasswing is a serious research programme and Anthropic's decision to restrict access to vetted security organisations is the right call. The model's capabilities in the hands of researchers will genuinely improve software security over time.

But for most organisations, the conversation about AI-discovered zero-days is a distraction from work that needs doing now. The front door is open. Patch it before you worry about someone tunnelling through the foundation.

ThreatControl focuses on the attack paths that actually get used. Our Security Suite assesses your perimeter, cloud, and vulnerability posture. Our Fractional CTO service provides practical guidance on the hygiene that prevents most breaches. Get in touch.
