
AI Cyber Offense Is Now an Active Workflow Risk. Builders Need a Different Security Operating Model
Google says attackers likely used AI to find and plan exploitation of a new vulnerability. Banks, regulators, and frontier labs are reacting like this is already operational. Builders should too.
A lot of teams still talk about AI cyber risk like it sits a year or two out.
That story is dead.
Google says it found what appears to be the first case of attackers using AI to discover a new vulnerability and prepare it for planned mass exploitation. The target was a flaw in a widely used open-source administration tool. Google blocked the campaign before deployment, but the important part is not the save. It is the workflow. Attackers likely used a model to help surface the bug and shape the exploit path. (Google, Reuters)
That moves AI-enabled offense out of the lab and into real operations.

The risk is not one scary model. The risk is a faster offensive workflow
The biggest mistake here is focusing on one exploit like it is an isolated trick.
Google's report points to something broader. Models help with semantic vulnerability research, malware development, reconnaissance, and operational planning. That matters because offensive work is full of bottlenecks that used to slow people down. You needed time to read code, trace trust assumptions, test odd edge cases, and stitch findings into something useful.
AI cuts that time.
It also lowers the skill floor. A strong operator with models gets faster. A weaker operator gets help on the parts that used to block him. That is what turns capability progress into workflow risk.
For builders, this means your exposure is no longer just "can a model write bad code?" The real question is how quickly an attacker can inspect your system, reason about your logic, and line up an exploit chain before your team even sees the ticket.
Google, Anthropic, and the ECB are all saying the same thing from different angles
Google gave the field report. Anthropic gave the capability warning.
In April, Anthropic kept its latest cyber model, Mythos, out of broad release because it found thousands of vulnerabilities and showed enough offensive potential that the company restricted access through Project Glasswing. (The Guardian) Anthropic said the model could autonomously identify and exploit serious flaws across major software targets, which is why access went to a small group of infrastructure and security partners instead of the public. (Google)
Then regulators started talking the same way.
Reuters reported that the European Central Bank is studying defenses against Mythos-powered attacks because major banks and policymakers now treat frontier cyber models as a live operational threat, not just a research issue. (Reuters)
Different institutions. Same message.
The offensive side is now credible enough that labs are gating access, cloud defenders are publishing field evidence, and financial regulators are war-gaming fallout.

Builders need a different security operating model now
A lot of organizations still run security like a cleanup crew.
Engineers ship. Scanners complain. Tickets pile up. Somebody promises to circle back next sprint. That was already sloppy. Against model-speed exploit work, it is a gift to whoever is attacking you.
You need a tighter operating model.
First, treat logic flaws like first-class risk. Google's example was not a buffer overflow story. It was a semantic trust failure that enabled two-factor bypass under specific conditions. Those bugs survive because they look normal until someone reads the whole system carefully.
Second, cut remediation time. If attackers can search faster, you cannot let serious findings rot in backlog purgatory.
Third, make release evidence real. High-risk changes need stronger test coverage, clearer ownership, and review trails that show what changed, why it changed, and how it was validated.
Fourth, use AI on defense too. Refusing that on principle is stupid. If attackers get model-assisted reasoning and your team stays stuck in manual triage, you are volunteering to lose the speed mismatch.
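The first point above, semantic trust failures that look normal until someone reads the whole system, as an added illustration that is not from the article and is not the flaw Google describes: a constructed login flow in which two individually reasonable rules ("users with no enrolled authenticator skip the second factor" and "re-enrollment clears the old authenticator before the new one is registered") combine into a password-only bypass, placed beside a hardened version that keeps the MFA policy bit separate from the secret and keeps the old authenticator live until the new one proves possession. The user records, the `totp_valid` stand-in (valid code = reversed secret), and every function name here are assumptions for the example.

```python
"""Constructed example of a cross-function logic flaw in a 2FA login flow.
Not the vulnerability from the Google report; the names and data are invented."""
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class User:
    name: str
    password: str
    totp_secret: Optional[str] = None      # None: no enrolled authenticator
    pending_secret: Optional[str] = None   # hardened flow: new device awaiting confirmation
    mfa_required: bool = False             # hardened flow: policy bit, independent of secret


def totp_valid(secret: Optional[str], code: Optional[str]) -> bool:
    # Stand-in for TOTP verification, constructed for this example:
    # the valid code for a secret is the secret reversed.
    return secret is not None and code == secret[::-1]


# --- vulnerable flow: each rule reads fine on its own ---
def login_vulnerable(users: Dict[str, User], name: str, password: str,
                     code: Optional[str] = None) -> bool:
    u = users.get(name)
    if u is None or u.password != password:
        return False
    if u.totp_secret is None:          # rule 1: "not enrolled yet" => skip second factor
        return True
    return totp_valid(u.totp_secret, code)


def start_reenroll_vulnerable(users: Dict[str, User], name: str, password: str,
                              new_secret: str) -> bool:
    u = users.get(name)
    if u is None or u.password != password:   # rule 2: password alone starts re-enrollment
        return False
    u.totp_secret = None                      # clear old device first, then register new
    u.pending_secret = new_secret
    return True


# --- hardened flow ---
def login_hardened(users: Dict[str, User], name: str, password: str,
                   code: Optional[str] = None) -> bool:
    u = users.get(name)
    if u is None or u.password != password:
        return False
    if not u.mfa_required:             # policy decides, not the presence of a secret
        return True
    return totp_valid(u.totp_secret, code)


def start_reenroll_hardened(users: Dict[str, User], name: str, password: str,
                            current_code: Optional[str], new_secret: str) -> bool:
    # Changing the authenticator is itself a sensitive action: it needs a full
    # MFA-verified login, and the old secret stays active until the new one is confirmed.
    if not login_hardened(users, name, password, current_code):
        return False
    users[name].pending_secret = new_secret
    return True


def confirm_reenroll_hardened(users: Dict[str, User], name: str, new_code: str) -> bool:
    u = users.get(name)
    if u is None or u.pending_secret is None or not totp_valid(u.pending_secret, new_code):
        return False
    u.totp_secret, u.pending_secret = u.pending_secret, None
    return True


def demo() -> Dict[str, bool]:
    """Walk both flows with a constructed user whose password alone is known."""
    users_v = {"alice": User("alice", "pw-alice", totp_secret="abc123")}
    users_h = {"alice": User("alice", "pw-alice", totp_secret="abc123", mfa_required=True)}
    r: Dict[str, bool] = {}
    r["v_password_only_before"] = login_vulnerable(users_v, "alice", "pw-alice")
    start_reenroll_vulnerable(users_v, "alice", "pw-alice", "newsec")   # password only
    r["v_password_only_after"] = login_vulnerable(users_v, "alice", "pw-alice")  # bypass
    r["h_reenroll_without_code"] = start_reenroll_hardened(users_h, "alice", "pw-alice", None, "newsec")
    r["h_password_only_after"] = login_hardened(users_h, "alice", "pw-alice")
    start_reenroll_hardened(users_h, "alice", "pw-alice", "321cba", "newsec")
    r["h_old_code_during_reenroll"] = login_hardened(users_h, "alice", "pw-alice", "321cba")
    confirm_reenroll_hardened(users_h, "alice", "ceswen")
    r["h_new_code_after_confirm"] = login_hardened(users_h, "alice", "pw-alice", "ceswen")
    r["h_old_code_after_confirm"] = login_hardened(users_h, "alice", "pw-alice", "321cba")
    return r


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

Neither vulnerable function is wrong in isolation, which is why a scanner or a function-level review passes both; the defect only appears when the re-enrollment handler's side effect is read against the login gate's "no secret means no second factor" rule. The hardened version makes three changes that each remove a trust assumption: the MFA requirement is a policy field rather than an inference from stored secrets, changing an authenticator requires the factor it replaces, and the old secret is not dropped until the new device has produced a valid code.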
What smart teams should change this quarter
A few blunt moves matter more than another policy PDF:
- audit old auth, session, and privilege logic for trust assumptions
- shorten time-to-fix targets for internet-facing and identity-related bugs
- require stronger approval gates for sensitive workflow changes
- run AI-assisted code review on risky surfaces before release
- map dependency exposure in open-source tools that sit near admin access
- rehearse how engineering, security, and ops respond when a credible exploit path shows up fast
This is not glamorous work. It is the work that keeps you off the wrong side of the incident report.

My blunt read
The industry keeps trying to separate AI coding upside from AI exploit upside. Nice fantasy. Same capability curve. Same underlying models. Different user intent.
Google's report matters because it shows offensive use in the wild. Anthropic's restrictions matter because they show frontier labs know what these systems can do. The ECB response matters because regulated institutions already see where this goes if access widens and defenses lag.
So stop treating AI-enabled cyber offense like a future scenario.
It is an active workflow risk now.
If you build software, your job is not just shipping faster. It is making sure your systems can survive attackers who now get faster reasoning, faster recon, and faster exploit planning too.
Sources: Google Threat Intelligence Group, Reuters on Google's report, Reuters on ECB defenses, The Guardian on Anthropic Mythos