Tue. May 26th, 2026

#IlSole24Ore is, openly, one of the very few Italian newspapers I still bother to read. It is owned by Confindustria, the Italian employers’ federation, and you can tell. But it writes about the economy with a rigour that has gone missing nearly everywhere else in this country, and from time to time it produces investigations that earn back the price of the copy. #ItalianMedia.

Yesterday, however, I found a piece in it that made the hairs on my arms stand up.

The article is titled “No, #Mythos is not the end of cybersecurity: it is its evolution in #AI sauce”. The headline alone is a small monument to the spirit of our age. AI sauce. As if we were discussing a new condiment in the chilled aisle, and not the model that #Anthropic itself, in its public technical report, describes as too dangerous to release because nobody, not even they, has guardrails strong enough to prevent its misuse. #AIRisk.

The issue is not that the piece is controversial. The issue is that it is written, evidently, by someone who has never set foot in a regulated bank’s machine room, does not grasp the economics of a #ZeroDay attack, and has not understood what Anthropic has actually put in motion with #ProjectGlasswing. And it is a problem, because it appears in the newspaper of Italian industry, read by the very banks it discusses. #BankingCybersecurity.

Let us go through it point by point.

“AI sauce” and the art of reassuring people who should be alarmed #ReassuranceTrap

The thesis of the piece is straightforward. Mythos created a bit of panic, #FrankElderson (Vice-Chair of the #ECB Supervisory Board) announced to the Financial Times that he would meet with European banks on Tuesday, but “things stand differently”. Mythos is just one of many. OpenAI announced #Daybreak, Microsoft unveiled #MDASH, several Chinese cybersecurity firms have done the same. It is not the end, it is the evolution. In sauce, indeed.

This is the textbook structure of the reassuring piece. Take the fact, trivialise it with a culinary metaphor, list competitors so the reader sees a normal market dynamic, conclude that all we need is to get organised. A survival manual for business journalism that does not want to confront its industry. Works beautifully when the subject is a new washing machine. Slightly less well when the subject is a system that, within weeks, has found thousands of #ZeroDay vulnerabilities in every major operating system and every major web browser. #AISecurity.

Anthropic, in its public technical report, writes in black and white that Mythos Preview found a 27-year-old denial-of-service bug in the #OpenBSD TCP SACK implementation, in an operating system literally built to be secure. It found a 17-year-old remote code execution flaw in the FreeBSD NFS server, exploited end-to-end with no human guidance. Across roughly 7,000 entry points in the OSS-Fuzz corpus, Opus 4.6 produced a single tier-3 crash; Mythos achieved full control-flow hijack on 10 fully patched targets. On Firefox JavaScript engine vulnerabilities, Opus 4.6 produced 2 working exploits; Mythos produced 181. For anyone in the field, those are paradigm-shift numbers. For whoever writes for Il Sole 24 Ore, they are sauce. #ParadigmShift.

Patches installed in less than an hour, or how to write a manual of non-resilience #OperationalResilience

The article’s central argument is a gem worth the whole piece. The author says that Elderson’s concern, that AI lets criminals analyse patches in hours rather than weeks and weaponise them before companies patch, is “a false problem”. Why?

Because, he writes verbatim, “banks and companies must already today be able to install patches within a few hours (better still less than one) from release if they do not want to risk being compromised”. #PatchManagement.

Less than an hour.

On core banking systems. On payment switches. On #SWIFT gateways. On IBM Z #mainframes. On transactional middleware.

Without change advisory boards, staging environments, regression tests, business approvals, maintenance windows agreed with corporate clients, tested rollback plans, or #DORA articles 7-9, which require documented testing and change management procedures.

Straight to production, like a WhatsApp update.

Anyone who has worked even a week inside a regulated bank knows that a patch on critical systems goes through a workflow that takes days, sometimes weeks. Not because of inefficiency, but for the same reason a hospital does not administer a drug without a checklist: because a bad patch on a payment switch halts transactions across Europe, and an unnoticed regression on a core banking platform can crystallise eight-figure losses before anyone realises. #ChangeManagement.

The article does not say this, because evidently the author does not know. If he had ever set foot in a Tier-1 bank’s machine room, he would be more alarmist than the alarmists. And he would, I suspect, be keeping his savings under the mattress, next to the cat and his mother-in-law’s preserved tomatoes. #BankingReality.

The five things the piece did not see, and that a teenager with a GitHub account would have #FiveBlindSpots

Let me list, as a courtesy to the reader, what the article should have said and did not.

First. Mythos is not just a more powerful version of the usual model. It is a measurable discontinuity. The numbers in Anthropic’s technical report show a jump, not a progression. Treating it as “evolution” is exactly like calling the Wright brothers’ first aeroplane an “evolution” of the bicycle. #Discontinuity.

Second. The real issue is not patch analysis speed. It is the collapse of the marginal cost of attack. Finding a 27-year-old bug in OpenBSD cost, until six months ago, weeks of work by a senior red teamer at 1,500 euros a day. Now it costs less than 50 dollars of compute. This is not a cybersecurity phenomenon, it is an industrial economics phenomenon. It is the moment when a historic asymmetry between offence cost and defence cost collapses, and no culinary metaphor captures it. #ThreatEconomics.

Third. The genuine risk is dual-use proliferation. The author himself notes in passing that “several Chinese cybersecurity firms have done the same, and many more will follow”. Exactly. Then, however, he treats it as good news (more models, more competition, healthier market). It is not. In 12 to 24 months we will have open-weight clones of Mythos-class capability. At that point, the #OffenseDefenseAsymmetry tips toward attackers, because attackers do not have DORA, do not have #NIS2, do not have an Audit Committee demanding a remediation plan.

Fourth. The operational framework the article proposes, “install patches in less than an hour”, is incompatible with every operational resilience framework currently in force in Europe. It is literally in conflict with DORA. Suggesting it means either not having read the regulation, or having read it without understanding it, or deliberately choosing not to mention it. #DORACompliance.

Fifth. Elderson’s concern is systemic, not operational. He is not asking banks whether their #SIEM is up to date. He is asking whether the European banking ecosystem, as a whole, can absorb a simultaneous cyber shock across multiple institutions, triggered by an AI that has found the same vulnerability in all of them at near-zero cost. That is a #SystemicRisk question, not a technical chat. The article handles it as if it were a condominium quarrel about pruning the cypress.

The real scoop the piece missed: European digital sovereignty has already been sold #DigitalSovereignty

We arrive at the only passage in the article worth anything, the one that, had it been developed seriously, would have made a front-page story instead of a reassuring column.

The author writes: “specialised AI security models must be made available to European companies”.

True. Except the opposite has already been decided.

Project Glasswing, the coalition Anthropic has put together to give exclusive access to Mythos, includes: Amazon Web Services, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorgan Chase, the Linux Foundation, Microsoft, NVIDIA, Palo Alto Networks. Plus around 40 additional selected organisations, all sitting inside the US perimeter and its supplier ecosystem. #EUtech.

European banks: zero. European institutions: zero. European cybersecurity vendors: zero.

Anthropic has earmarked up to 100 million dollars in usage credits for Glasswing partners, plus 4 million in direct donations to open-source security. A consortium almost entirely American, funded by an American company, on an American model, regulatorily aligned with US frameworks. #USHegemony.

European digital sovereignty, at this moment, is not a battle in progress. It is a war already lost, and the protagonists, evidently, have not yet noticed. European banks, over the next 12 months, will discover they must buy defensive protection from the same actors who host the offensive weapon. When they figure that out, the only news they will read about it in the Confindustria-owned daily will be that everything is under control, and that this is merely evolution in AI sauce. #VendorLockIn.

The business journalism that absolves the industry it should hold to account #ItalianJournalism

This is not the first time Italian business journalism has chosen the register of the tranquilliser when it should have chosen the register of analysis. It is a stable genre, and it presumably pays well. The mid-level banker reading Il Sole at seven in the morning wants a piece of news that lets him walk into the management meeting and say “yes, we are concerned, but in the end it is a matter of patching cycles”. The article gives him exactly that.

The problem is that, a year from now, when the same banker’s #CISO asks for 12 million euros of extra budget to close a resilience gap nobody had foreseen, the article will no longer be around. It will be archived, and nobody will dig it up to demand an accounting for that sentence about patches installed in less than an hour. #Accountability.

Ennio #Flaiano, in his classic Italian diagnosis, used to say that “the situation is desperate but not serious”. Yesterday, on Il Sole 24 Ore, on cybersecurity, it stopped being even desperate. It became reassuring.

And in cybersecurity, reassuring is the most dangerous word in the dictionary. #Technocratico.

All my “insane” books on cybersecurity and governance are here 👉 https://www.amazon.it/stores/author/B0FB47T6Q4/allbooks

Sources

  • Anthropic, “Project Glasswing: Securing critical software for the AI era”, https://www.anthropic.com/glasswing
  • Il Sole 24 Ore, “No, Mythos non è la fine della sicurezza informatica: è la sua evoluzione in salsa AI”, 26 May 2026
  • Dark Reading, “Anthropic’s Mythos Has Landed: Here’s What Comes Next for Cyber”, April 2026
  • The Register, “Anthropic to release Mythos-class models to the public”, 25 May 2026
  • Cybersecurity Dive, “OpenAI launches Daybreak to combat cyber threats”, 12 May 2026
  • Tech Times, “OpenAI Launches Daybreak the Same Day Google Confirmed the First AI-Built Zero-Day Attack”, May 2026
  • The Hacker News, “OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation”, May 2026
  • CETaS (Alan Turing Institute), “Claude Mythos: What Does Anthropic’s New Model Mean for the Future of Cybersecurity?”, May 2026
  • ThreatRoad Substack, “Bug Bounty Programs About to Get Expensive”, April 2026
  • Anthropic, “Mythos Preview” technical report, April 2026
  • EU Regulation 2022/2554 (DORA), articles 7-9 on ICT risk management and testing