81% of teams ship broken code: Mythos made that inexcusable (www.techradar.com)

A recent analysis highlights a pressing cybersecurity risk: 81% of global AppSec leaders admit to knowingly shipping code with vulnerabilities, largely due to overwhelming complexity and resource constraints. With the emergence of advanced AI models, such as Claude Mythos, the landscape is shifting. These models can not only identify vulnerabilities but also exploit hidden weaknesses in complex systems, lowering the barrier for potential attackers. This transformation underscores the urgency for organizations to reassess their risk priorities, moving beyond traditional severity scores that don’t account for exploitability in real-world scenarios. The article emphasizes the need for a new paradigm in application security, advocating for continuous embedded security processes that can assess exploitability in real-time across various phases of software development. Attack surfaces now span code creation, CI/CD processes, the AI supply chain, and runtime applications, demanding security measures that are both proactive and context-aware. As AI accelerates both development and the exploitation of vulnerabilities, organizations must adopt hybrid security strategies that separate AI systems from security governance, ensuring a trustworthy assessment that effectively protects against the evolving threat landscape.