Preparing for Mythos
A Sunday night with an open model showed me how much the cyber floor has moved. 🤖
Sunday Evening at Blox Space
Sometimes the weirdest rabbit holes start from pure boredom. It was Sunday evening, I was alone at Blox Space, sitting at the desk, surrounded by small lights and complete silence. No real plan, no big objective, no cinematic hacker setup. Just me, my laptop, too many terminals, DeepSeek v4 Pro running through OpenCode, and a question that started as curiosity but slowly became more obsessive: how far can I actually go with an open-source model if I just keep following the thread?
At first it felt like normal tinkering. The kind of thing you do when you are bored but your brain is still looking for something to bite. One prompt became one hypothesis, one hypothesis became one test, one test became one weird response, and every weird response opened another branch. It was fun in the most dangerous developer way: not dramatic, not emotional, just a clean loop of curiosity and reward.
Then I checked the time and it was 2 AM. That was the first uncomfortable part. The second one came later, when I realized the target was not even the most interesting thing anymore. The interesting part was the process, and how easily the process kept going.
This Is Not a Hack Story
Before going further: this is not a hack story, not a disclosure, and not a guide. I am intentionally stripping away the target, the infrastructure, the exact findings, the OSINT trail, the requests, the payloads, the credentials, and anything that could be reused. I do not want this post to be useful against anyone.
The target was a real-world gray-market streaming service. That is enough context.
To be clear, this does not mean the investigation found nothing. It did find real infrastructure signals, behavioral patterns, exposed surfaces, defensive inconsistencies, and OSINT-relevant data. Some of it was useful, some of it was noise, and some of it was exactly the kind of detail that should not be published in a personal blog post.
So I am intentionally reducing everything to general categories. Not because the details were irrelevant, but because the details were too specific.
The important part is not who it was, where it was hosted, or what stack it was running. The important part is that I am not a cybersecurity researcher, and still, with a strong open-source model and an agentic workflow, I managed to build a structured investigation that felt way above my actual skill level.
I am a developer with basic security intuition. I understand enough about web systems, APIs, infrastructure, auth, headers, logs, weird responses, and deployment mistakes to not be completely lost. But I am not the person who should be able to sit alone on a Sunday evening and methodically reason through a real-world internet-facing system like that.
And yet, with the model in the loop, I could.
That is the baseline.
The Question That Pulled Me In
I would love to say there was some grand motivation behind it, but honestly there was not. I was bored. I was curious. And lately I have been extremely interested in how far open-source models can be pushed when they are not used as chatbots, but as actual workflow engines.
So the real question was not only “what can I find on this target?”. The real question was: can a developer with basic security intuition, but no real cybersec background, use an OSS model to reason through a real-world attack surface?
The answer was yes.
A bit too much yes.
At first I was just asking questions and validating small things. Then the workflow started getting shape. The model was not only answering, it was helping me decide what to look at next, how to compare results, how to separate noise from signal, and how to keep the whole thing organized instead of turning it into random terminal chaos.
That is when the session stopped feeling like casual tinkering.
It became a process.
What Open Tools Already Enabled
The surprising part was not one single finding. It was the shape of the investigation.
With public tooling, an open-source model, and OpenCode acting as the execution layer, I was able to move from a vague target to a structured map of what was exposed, what looked protected, what behaved consistently, and what behaved differently across surfaces.
I am intentionally keeping the details generic, but the categories were real: public-facing infrastructure, API behavior, authentication boundaries, edge filtering, rate limits, defensive inconsistencies, front-end surfaces, and OSINT-relevant signals.
Most of the results were negative.
That part matters.
The system was not some comically broken box waiting to collapse. A lot of defenses worked. Many assumptions failed. Several paths ended in nothing. Some parts looked boring in the best possible way: hardened, layered, filtered, scoped, or simply not reachable from the outside.
At the time, I was honestly a bit discouraged by that. There is that stupid dopamine loop where every test makes you hope for the big breach, the big finding, the movie moment. Even if you know that is not the responsible thing to want, the brain still wants the reward.
But the next day I realized that the lack of a dramatic breach was exactly what made the experience valuable.
The result was not “I broke something”.
The result was “I was able to follow the process at all”.
That is much more interesting, and honestly much more concerning.
The Part I Cannot Unsee
The model did not magically make me a security researcher. It did something more subtle: it gave structure to the parts of the process I was missing.
That is what made the night feel different. I was not just asking random questions and getting random answers. The model was helping me keep the investigation alive. It suggested branches when I was unsure where to go next, helped interpret strange responses, turned messy observations into checklists, and made it easier to compare behavior across different surfaces without losing the thread.
The important shift was not expertise replacement. It was expertise scaffolding.
I still needed enough technical literacy to understand what was happening. I still needed to know when an answer looked wrong, when a result was probably noise, and when a hypothesis was worth testing again. But the model compressed the distance between curiosity and method. It made the process smoother, faster, and more persistent than it should have been for someone with my background.
That is the part I cannot unsee.
For a developer, the bar becomes much lower. You do not need to be an elite security researcher to start thinking in a more structured way. You need curiosity, patience, enough technical intuition to keep going, and a model that can keep feeding the loop.
At internet scale, that matters.
A redacted version of the architecture I ended up mapping belongs here. The details should stay intentionally generic, because the point is not the target. The point is that ordinary internet infrastructure can now be inspected with much more structure, patience, and speed.
Why Mythos Scares Me
This is where Mythos enters the picture for me.
Not only Anthropic’s specific model, but the category it represents: models that are not just good at writing code, but explicitly strong at cybersecurity reasoning, vulnerability discovery, attack-surface mapping, exploit-chain analysis, and defensive triage.
My small Sunday night experiment was done with open tooling, no real cybersecurity background, and a lot of curiosity. That is the baseline. Now imagine the same workflow with a model actually optimized for this domain.
That is what scares me.
Not because I think one model will instantly destroy the internet. Reality is usually more boring than that. The scarier version is slower, cheaper, and much more scalable: a world where attack-surface discovery becomes easier for everyone, including the people who already know exactly how to cause damage.
People like me becoming faster is already a problem. A developer with basic security intuition, an agentic tool, and a cyber-capable model can suddenly test more, compare more, automate more, and reason more systematically than before.
But the real damage will not come from curious developers.
The real damage will come from criminal groups, fraud networks, ransomware crews, and state-level actors using these systems at scale. Cloud infrastructure, exposed services, forgotten panels, weak authentication, stale dependencies, supply chains, customer databases, payment flows, internal tools, all of this becomes more interesting when the cost of looking drops.
This is also why I do not think access control alone can solve it.
If Anthropic handles Mythos responsibly, that is good. If they restrict access, add KYC, monitor usage, and focus on defensive partnerships, that is better than the opposite. But it still does not contain the category.
KYC controls access to one product from one vendor. It does not stop another vendor from building something similar. It does not stop open-source models from catching up. It does not stop workflows from being copied, agentic patterns from spreading, or weaker models from becoming good enough for a large amount of real-world abuse.
It may slow down lazy misuse. It may make a public launch less chaotic. It may buy time.
But the most dangerous actors are also the ones most able to work around friction. They can use intermediaries, stolen identities, compromised accounts, shell companies, alternative providers, or eventually local models.
The threat is not one login page.
The threat is the capability becoming normal.
The Internet Gets Pressure-Tested
The bad scenario is not a movie-style AI instantly breaking every system.
The bad scenario is more boring and probably more realistic: the internet gets pressure-tested by everyone.
Forgotten CMS installs. Old dashboards. Misconfigured reverse proxies. Leaky admin panels. Stale dependencies. Weak authentication. Cloud buckets nobody checked in years. Internal tools accidentally exposed to the public internet.
All the boring stuff.
The stuff companies postpone because it is not urgent until it becomes extremely urgent. The stuff nobody wants to budget for because it does not ship a feature. The stuff that keeps working only because nobody has looked closely enough.
And now looking is getting cheaper.
This is the aftermath I am worried about. Not robots magically breaking encryption or one-clicking the cloud. Just massive, cheap, systematic pressure against the weak long tail of the internet.
Small companies first. Local businesses. Underfunded teams. Forgotten projects. Badly maintained SaaS products. Then suppliers. Then customers. Then the larger systems connected to them.
Because that is how real damage usually happens: not through the strongest door, but through the boring side entrance nobody checked in years.
Cybersecurity Becomes Everyone’s Problem
There is another possible outcome.
Maybe this pressure is exactly what forces companies to wake up.
And I mean finally.
A lot of companies do not take cybersecurity seriously. Some barely care before getting owned, and some somehow still do not care after getting owned. Security is treated like an annoying cost, a compliance checkbox, or something to think about only when a customer asks for a PDF.
That mindset will not survive this shift forever.
If AI makes reconnaissance cheaper, defense has to become more continuous. If AI makes vulnerability discovery faster, patching has to become less theatrical. If AI makes weak configurations easier to find, secure defaults matter more. If attackers get copilots, defenders need copilots too.
Being prepared does not always mean doing cinematic cybersecurity.
For most companies it means boring things done consistently. Know what is exposed to the internet. Remove forgotten services. Enforce strong authentication. Disable legacy endpoints. Patch software before it becomes interesting. Rate-limit login and API endpoints. Monitor logs like they matter. Run regular external attack-surface reviews. Give developers enough security literacy to avoid obvious mistakes.
Most of this is not glamorous.
That is exactly why it gets ignored.
But the era where ignoring it was cheap may be ending.
For AI labs, the responsibility is different. Cyber-focused models are not normal productivity tools. They need staged access, serious monitoring, abuse-resistant agent tooling, cyber capability evaluations, defensive partnerships, disclosure pipelines, and sandboxing that is tested like real infrastructure.
But even that only buys time.
The hard part is not controlling one model from one lab. The hard part is preparing for the moment this capability becomes normal across the industry. Once that happens, safety cannot depend only on who gets access. It has to depend on whether the systems being tested are actually ready to be tested.
Back to Blox Space
For developers, preparation means accepting that security is no longer someone else’s job.
I do not think every developer needs to become a full-time security researcher. I am not one either. But we do need to understand the basics: authentication boundaries, input handling, exposed services, logging, dependency risk, rate limits, secrets management, deployment configuration, and permissions.
Not because every developer will become an attacker.
Because attackers are getting better tools, and developers are the ones building most of the things those tools will test.
The next generation of attackers will have copilots. Defenders need them too.
At 2 AM, I closed the laptop at Blox Space feeling exhausted and weirdly empty.
There was no cinematic breach. No dramatic ending. No secret admin panel magically opening in front of me. For a moment, that felt disappointing.
The next day, it felt like the point.
The important part was not that I broke something. The important part was that I could follow the process at all.
That is why I think we need to prepare for Mythos, not only Anthropic’s Mythos, but the whole category of models it represents.
Because once this becomes ordinary, cybersecurity is not going to stay a niche concern for security teams.
It is going to become everyone’s problem.