
Your Vendors Aren't Ready for What's Coming. Are You?

How Claude Mythos, exploding CVEs, and the collapse of compliance theater are rewriting the rules of vendor risk

Last week, Anthropic did something unprecedented: it refused to publicly release its most powerful AI model.

Claude Mythos Preview, the company’s newest frontier system, autonomously discovered thousands of zero-day vulnerabilities across every major operating system and web browser. That includes a 27-year-old bug in OpenBSD, an OS built for security, and a 17-year-old remote code execution flaw in FreeBSD that grants root access to anyone on the internet. The model did not just find these flaws. It chained them together, wrote working exploits, and in one evaluation, escaped its own sandbox to send an email to a researcher who had stepped away from the lab.

Rather than a public launch, Anthropic created Project Glasswing, a restricted coalition of AWS, Microsoft, Apple, Google, Cisco, and others, and committed $100 million in usage credits to get ahead of what the company called a “watershed moment for security.” The message was unambiguous: the vulnerability landscape is about to be reshaped by machines that can discover and exploit weaknesses faster than any human team can patch them.

If that reality concerns you about your own codebase, consider a harder question: what about every vendor in your supply chain?
 

The CVE Tsunami Is Already Here

Even before the newest AI models entered the picture, the numbers were staggering. FIRST’s 2026 Vulnerability Forecast projects a median of roughly 59,000 new CVEs this year, the first time we will break 50,000, with realistic scenarios pushing above 100,000. That works out to 131 new vulnerabilities published every single day. The first half of 2026 alone has seen over 21,500 CVEs disclosed, an 18% increase over the same period in 2024.

These are not theoretical. Over 54% of critical vulnerabilities now face active exploitation within the first week of disclosure. The window between a CVE hitting the registry and an attacker weaponizing it has collapsed from months to hours. Nation-state actors and cybercriminal groups are using automated tools, and increasingly AI itself, to scan, exploit, and monetize at machine speed.

This week’s news only reinforces the pace. OpenAI was forced to revoke its macOS app signing certificates after a supply chain compromise of the Axios JavaScript library exposed its code-signing pipeline. The attack did not target OpenAI directly. It targeted a dependency, a single compromised open-source package in a CI/CD workflow, and nearly gave attackers the ability to distribute software that looked like a legitimate OpenAI product. Charles Carmakal, CTO of Mandiant Consulting at Google Cloud, who led the response to the SolarWinds breach and has testified before Congress on supply chain risk, summarized the moment: the volume of recent software supply chain attacks is overwhelming, and enterprises need to launch dedicated projects to assess the impact and harden against future attacks.
 

Compliance Theater Is Not Risk Management

And here is where the industry needs a wake-up call that goes beyond vulnerability counts.

The third-party risk management market is converging on what amounts to compliance theater: a race to help companies check boxes and pass audits faster, generate reports that say vendors were reviewed, and automate the production of documentation that looks thorough on paper. But passing an audit and actually reducing risk are two fundamentally different things.

The Delve scandal made this painfully concrete. In March 2026, an anonymous whistleblower exposed that the Y Combinator-backed compliance automation startup had allegedly generated nearly 500 structurally identical SOC 2 reports, with pre-written auditor conclusions produced before companies even submitted evidence, routed through audit firms that rubber-stamped the results. Y Combinator removed Delve from its directory. Its lead investor, Insight Partners, scrubbed its own investment thesis from the web. And the downstream consequences were severe: LiteLLM, an open-source AI gateway downloaded millions of times per day, held Delve-issued certifications. When LiteLLM’s supply chain was compromised days later, the resulting breach at AI recruiting firm Mercor exposed the personal data of over 40,000 contractors, including Social Security numbers and video interviews, and triggered five federal lawsuits.

The certifications were clean. The audits were passed. And none of it prevented the breach.

This is the core divide emerging in vendor risk management. One side of the market is building faster ways to produce compliance artifacts. The other is building systems that actually reduce risk. At Whistic, we believe the correction is coming, and we are building for what comes after.
 

The Questions That Actually Matter

When a critical CVE drops, or when a model like Mythos makes entire classes of vulnerabilities exploitable overnight, security teams need real answers from their vendors. Not in 30 days. Not at the next annual review. Now.

Is this CVE present in your environment? What version of the affected software are you running? Are you patched? What is your remediation plan, and what is the timeline to limit the impact on us, your customer?

These are the questions penetration testers use CVE databases to formulate. They are the questions auditors map to control frameworks. And they are the questions that, in an agentic AI world where exploitation can be automated end to end, will determine whether a vendor relationship is an asset or a liability.

The problem is that most organizations still rely on point-in-time assessments: annual questionnaires that capture a vendor’s security posture on one day and assume it holds for twelve months. Whistic’s own customer interviews found that risk teams rate their confidence in learning about a critical vendor breach within 24 hours at just 5 out of 10. That is a coin flip on the most consequential question in third-party risk.
 

From Software Tool to Risk Service

The old model of third-party risk management (TPRM), in which you send a questionnaire, wait weeks, file the results, and repeat next year, was already failing before AI supercharged the threat landscape. Now it is untenable.

At Whistic, we see the entire SaaS model shifting. The industry is moving from providing a tool to delivering a service. Not “software as a service” in the marketing sense, but a genuine service where AI agents handle the bulk of the work, continuous monitoring provides real-time visibility, and actual humans make decisions when it matters most. That is the difference between a platform that generates a report saying you looked at your vendors and a system that ensures you actually reduced your risk.

Our strategic roadmap reflects this conviction. We started where we know the problem best: TPRM, where we have built the deepest expertise in the market and where our AI-first assessment platform already automates up to 90% of manual tasks while cutting assessment times from weeks to minutes. From there, we expanded into Vendor Monitoring, launched at RSA Conference 2026, which provides continuous breach detection with dark web signals and connects every alert directly to remediation workflows inside the same platform. This makes TPRM more valuable and provides continuous visibility rather than a once-a-year snapshot. It also makes it much harder to leave the platform.

Next comes compliance, built into TPRM from day one and designed to be fully agentic from the start, not a bolt-on that recreates the checkbox problem. We prove the agentic model in each new module, then bring those capabilities back to the core, where our customers already live. The endgame is a fully agentic, automated TPRM system. Not labor at every step. Not faster paperwork. Actual risk reduction, continuously, at scale.

 

Move First

Anthropic launched Project Glasswing because they understood that the window for defenders to get ahead of AI-enabled attackers is measured in months, not years. The Delve collapse proved that compliance artifacts without substance are worse than no certification at all, because they create false confidence. And the cascade from LiteLLM to Mercor showed how a 40-minute exposure window in a single dependency can compromise the personal data of tens of thousands of people.

The organizations that thrive in this environment will not be the ones with the longest questionnaires or the most polished audit reports. They will be the ones that built systems to know when something changes, to ask the right questions in real time, and to act before a vulnerability becomes a breach.

The agentic era of cybersecurity has arrived. The question is whether your vendor risk program arrived with it.

--

Whistic is the AI-first third-party risk management platform that combines automated vendor assessments, continuous breach monitoring, and the Trust Center Exchange to help security teams assess, monitor, and respond to vendor risk in a single system. Learn more at whistic.com.
