The Most Capable Cyberattacker Ever Built Is Now Public
Anthropic just put Mythos-class AI in the hands of anyone with a subscription. The model that can find your exposure is now public. The model that can't be locked is coming. Here's why infrastructure invisibility is the only defense that doesn't depend on being faster than the machine.
Somewhere in your infrastructure is a way in — a forgotten endpoint, an exposed port, a flaw that's quietly survived every audit you've paid for. You don't know where it is. As of yesterday, finding it no longer takes a nation-state or a research team. It takes a subscription.
Yesterday Anthropic released Claude Fable 5, the most capable AI ever put into general circulation. Buried in the same announcement is the part that should reorganize your roadmap: in Anthropic's own words, these models perform reconnaissance, discovery, and lateral movement — the full opening sequence of a breach, executed autonomously, at machine speed. The tool that maps your exposure used to be rare and expensive. Now it's public.
If that reads like marketing, look at what the previous generation already did. Two weeks ago a researcher pointed Opus 4.8 — last generation, not even yesterday's release — at Zcash. Inside 24 hours it surfaced a counterfeiting flaw that had survived four years and multiple expert cryptographic audits. One model. One day. A bug a generation of specialists missed.
That was the floor. Yesterday raised the ceiling.
The Question Isn't Whether You're Exposed
Run the numbers honestly. If a public model finds a four-year-old flaw in a well-audited system in a single day, the question was never whether your infrastructure has one. It's who is looking, what they already have, and whether they'll bother to tell you when they find it.
Anthropic kept the unrestricted cyber variant — Mythos 5 — behind a small set of vetted defenders for now. That is the responsible call. It is also a countdown. The capability is real, the access program is already widening, and no one is locking it down on behalf of whoever comes after you.
Here is the uncomfortable part for detect-and-respond: every tool in that model assumes you have time. A scanner that probes your perimeter no longer gets tired, gets bored, or moves on. It tries every door at once, endlessly, for the price of a subscription. You cannot staff your way past that. You cannot alert your way past it. The race to detect-faster-than-the-attacker is a race the machine wins by definition.
The Only Move That Doesn't Depend on Speed
So stop racing. Take yourself off the map.
If an attacker can't find your infrastructure, its speed and capability stop mattering. There's nothing to scan, nothing to enumerate, nothing to exploit. That is the entire premise of LayerV: don't defend the target — remove it.
In practice, that means making resources invisible by default. No permanent URLs. No always-on endpoints. No standing credentials for an autonomous agent to enumerate. When an authorized user proves identity through your existing IdP, a single-use qURL™ appears for the duration of their session — and disappears the moment they're done. It runs at the protocol layer, built on the open OpenNHP standard from the Cloud Security Alliance and aligned with NIST 800-207.
An AI adversary's first move is reconnaissance — mapping what's exposed before it touches anything. Network hiding removes that first move entirely. There is no surface to enumerate, no endpoint to probe, no door to knock on. The most capable attacker ever built cannot exploit what it cannot find.
This is not another layer of defense stacked on the pile. It is the absence of a target.
Why It Matters This Week, Not Next Quarter
Gartner projects that by 2030, half of all enterprise security spend will shift toward preemptive capabilities rather than detection and response. The launch yesterday is what that projection looks like arriving early. For leaders deciding where the next dollar goes, the implications are concrete:
- Less surface area for adversarial AI to analyze
- Nothing for automated reconnaissance to map in the first place
- No standing endpoints for credential and enumeration attacks to target
- Per-session audit trails that satisfy compliance without widening posture
The gap between what this technology can do and what your perimeter can stop closed measurably yesterday. It will not wait for your next budget cycle, and it will not announce itself before it arrives.
Don't wait for the breach to tell you where you were exposed.
Take the Next Step
- Book a 15-minute executive briefing — see the business case for invisible infrastructure
- Try the qURL Playground — make any resource invisible in one API call, free
- Read how it works — the technical deep dive
You can't outrun the most capable attacker ever built. You can make sure it never finds you.