Cloudflare tested Mythos in real code and exposed the upcoming clash between offensive and defensive AI

2026-06-01•Rebeka Editorial•6 min

There is a moment when an AI laboratory stops being just a provider of models and starts directly influencing the balance between digital attack and defense. Cloudflare's report on Project Glasswing, published on May 18, 2026, captures exactly this point by describing tests with security-focused models, including Anthropic's Mythos Preview, across more than 50 internal repositories.

The text is valuable because it avoids triumphalism. Cloudflare does not claim to have found the cure for offensive or defensive security with LLMs. What it shows is something more useful: these models can already identify vulnerabilities and accelerate relevant work, but they still require much more serious architecture, process, and oversight than the public excitement often suggests.

What happened

The company explained that it had been testing a variety of security-oriented LLMs on its own infrastructure for months. The goal was twofold: find potential vulnerabilities before attackers do and understand what attackers might do as specialized models improve. Mythos Preview was highlighted for having been used in more than fifty of the company's repositories.

The report suggests a pragmatic view. Instead of asking whether the model “passes the benchmark,” Cloudflare looked at performance in live code, with real noise, dependencies, ambiguity, and competing priorities. This type of test has much more value for those who need to make operational decisions.

The technique behind it

LLM-assisted security is not a simple question-and-answer problem. Finding relevant vulnerabilities requires reading multiple files, understanding data flow, interpreting implicit assumptions, and being able to distinguish real risk from noise. In production code, this mixes with organizational context, distributed architecture, and local conventions.

That's why Cloudflare emphasizes process and architecture. A model can point out promising paths, but if it is poorly positioned in the workflow, it only generates an avalanche of alerts that are not very actionable. The real usefulness depends on how the findings are triaged, cross-referenced with human knowledge, and turned into concrete fixes.

There is an important technical tension here. The better these models become for defenders, the more potential capacity offensive agents also gain. The same ability to track exploitation paths can be used to close or open breaches. AI security is inevitably a race between increasing capacity and increasing governance.

Why this matters

For security teams, the message is straightforward: specialized LLMs are already useful enough to enter real workflows, but not in a naive way. They can extend coverage, aid early discovery, and speed up inspection, especially in code bases too large for linear human review. This is valuable because the modern attack surface continues to grow faster than teams do.

For the market, Cloudflare's publication is important because it describes a practice that is likely to become common. Companies with critical infrastructure will not wait for academia to resolve all their questions. They are experimenting now, in production, to understand what works before the adversary does.

The future it anticipates

It is plausible to imagine a scenario in which every relevant organization has “defensive copilots” continually scanning code, pipelines, and configurations, not as replacements for security teams, but as permanent amplifiers. Human work migrates to validation, prioritization and mitigation design.

But this vision has a disturbing mirror. If security models get really good, offensive actors will also be able to automate reconnaissance, hypothesis clustering, and assisted exploitation at unprecedented rates. The likely future is not stability, but simultaneous escalation on both sides.

What to watch out for

The main point will be the false positive rate versus the real value. Tools that “see problems in everything” tire teams and generate distrust. Another point will be operational secrecy: companies will share little about what the models actually find, because this directly affects their own defensive posture.

The governance of these tests also deserves attention. Bringing increasingly capable models into contact with critical code requires clear limits on access, retention, and oversight. The architecture around the model is perhaps as important as the model.

That is exactly where the value of Cloudflare's report lies. It doesn't sell a miracle. It shows a plausible and uncomfortable future, in which security AI will be indispensable and dangerous at the same time. Anyone who treats only one side of this equation will be left behind.

Sources

  1. https://blog.cloudflare.com/cyber-frontier-models/