Presented by Chainguard

The significance of Anthropic’s Mythos lies less in the model itself than in the broader shift it represents: AI is now capable of autonomously discovering vulnerabilities across large codebases, forcing enterprises to rethink software supply chain security. Security teams are wrestling with a new reality in which AI can uncover in hours vulnerabilities that would have taken skilled researchers weeks or months to find, including flaws buried deep inside open-source dependencies and transitive packages that traditional scanning tools routinely miss.

This means that the window between a hidden flaw and a weaponized exploit is shrinking at the same time that AI coding assistants are dramatically increasing the attack surface.

"For 20-plus years, all of the ways we think about handling vulnerabilities grew up around the assumption that exploiting them was expensive," says Quincy Castro, chief security officer at Chainguard. "AI has completely flipped that dynamic. We're looking at a world about to be deluged by novel zero-day vulnerabilities, and potentially new classes of vulnerabilities that human beings haven't been able to discover before. Zero-days are much more of a commodity now."

When AI-assisted vulnerability discovery makes it dramatically easier to identify weaknesses hidden inside modern dependency stacks, the cost calculus that made reactive security tolerable no longer holds.

AI coding tools are expanding the software supply chain attack surface

Software supply chain risk has been climbing the security agenda for years, driven by a series of high-profile compromises that revealed how effectively attackers could move through open-source dependencies to reach enterprise environments. The new class of CI/CD workflow weakness that allows attackers to hijack workflows and compromise open-source supply chains has been codenamed Cordyceps. It can give attackers full control of repositories at dozens of the largest organizations worldwide, including Microsoft, Google, Apache, and Cloudflare.

On Microsoft's Azure Sentinel, for example, a comment on a pull request could run anonymous attacker code on Microsoft's CI and steal a non-expiring GitHub App key. A pull request on Google's AI Agent Development Kit ("adk-samples") could execute attacker code on Google's CI to gain complete authority over a Google Cloud repository.

And in May, the open source code platform GitHub announced that it had been breached in a supply chain attack after a GitHub developer installed a poisoned VSCode extension. The hackers behind the breach, a group called TeamPCP, claim to have accessed around 4,000 of GitHub’s code repositories. Other victims include OpenAI and the data contracting firm Mercor. In just the last few months, TeamPCP claims to have carried out 20 waves of supply chain attacks that have hidden malware in more than 500 distinct pieces of software.

AI coding assistants are accelerating this dynamic by increasing the volume of code and dependencies entering production. As developers ship multiple releases a day with agentic tools, the dependency surface expands at a pace that traditional scan-and-patch workflows were never designed to handle.

At the same time, vulnerabilities that might once have remained obscure — whether buried deep in the stack or considered too low in severity to prioritize — are becoming more discoverable at scale. The question of which flaws a security team can afford to accept looks different when AI can identify and potentially chain together multiple lower-severity issues into an effective attack path. The emergency patch cycle that may have occurred once or twice a year also starts to look very different when severe vulnerabilities arrive in clusters.

"Every time you invoke that emergency patch process, you risk breaking some percentage of deployed resources," Castro says. "You're suddenly choosing between leaving customers exposed to a severe vulnerability or disrupting the product they paid for."

Reactive security models can't keep pace with AI-driven exploits

The deeper problem with reactive security is that it relies on an increasingly incorrect idea of how attacks actually work. Patch cadences and compliance timelines presuppose that intrusions behave like safety events: stochastically predictable and manageable through probabilistic risk acceptance.

"Cyber defense is not a checklist activity when it's done effectively," Castro says. "The adversary also gets a turn. If you think 30 days to fix a critical is good enough, you're going to be on the losing end of that calculus every time."

Frontier models amplify this problem by enabling even less sophisticated attackers to move faster through environments, chaining together vulnerabilities that would previously have required significant expertise to operationalize. Open vulnerabilities that organizations used to accept as manageable risks because weaponizing them was genuinely hard become more actionable in an environment where AI can assist with exploit development.

"Security leaders bear responsibility for translating this shift to executive leadership," Castro adds. "The change in the threat environment driven by AI is not necessarily something traditional CXOs will recognize on their own."

Building trust at the point of creation

The most effective response requires moving security closer to the point of software creation, rather than relying primarily on detection and response, with software provenance and trusted sources serving as the foundation of trust. Rather than scanning components after the fact and managing an ever-growing vulnerability backlog, the goal is to begin with open-source software built from verified sources, continuously maintained, and stripped of unverified dependencies.

As agentic coding tools bring software development within reach of non-engineers, a finance employee may be able to build a tax calculation tool in an IDE without ever involving an application security team. The security model surrounding that process cannot depend on expertise the developer doesn’t have.

"Larry in finance doesn't have an SRE team or app sec people looking over his shoulder," Castro says. "He's just trying to do his job. The only way that works safely, at a company handling health care records or financially sensitive documents, is if the components he's pulling from are inherently secure and trustworthy. He shouldn't have to know anything about this. The trust has to be embedded upstream."

Simplicity, not more tooling, is the fix for supply chain risk

For enterprises already overwhelmed by software complexity, doubling down on existing approaches, such as reachability analysis tools, larger appSec teams, or offshore labor to handle the volume of issues, is a losing strategy in an environment where frontier AI models are only going to become more capable.

"We haven't even tapped into the new classes of vulnerabilities that are going to require major surgery on widely used protocols," Castro says. "There aren't enough resources in the world to tackle these problems in traditional ways. Rather than tackling complexity with more complexity, we need to tackle it with simplicity."

In practice, that simplicity means abstracting security away from the point where most developers encounter it: removing the friction-producing scan-gate-patch controls layered on top of the build process and replacing them with a starting point that is already secure by construction. The engineering team retains its ability to move fast, and the trust question is resolved before the code is ever written.

But the path from accelerating vulnerability discovery to a more stable future will require real disruption for organizations that haven't started repositioning yet.

"CXOs have to get out in front of these issues and take a proactive approach to building security into the systems they're responsible for," Castro says. "We don't want to keep investing in the stuff that's already failing us."

Sponsored articles are content produced by a company that is either paying for the post or has a business relationship with VentureBeat, and they’re always clearly marked. For more information, contact sales@venturebeat.com.