The concept of N-day always assumed a window: the time between patch disclosure and mass exploitation gave defenders days or weeks to react. Per Anthropic, that window has collapsed. The correct term is N-hour. And the numbers Anthropic presented are concrete enough to change how we think about defense.
What Mythos Preview Demonstrated
Per Anthropic, Mythos Preview built 8 code execution exploits from 18 Firefox patches. The first PoC came out in 12 minutes. The first functional exploit in under 1 hour. An important caveat: the test used jsshell, the Firefox JavaScript shell, not the full browser with sandbox. This means the result demonstrates exploit development capability, not necessarily browser exploitation in production.
Then came the real test: 21 Windows kernel vulnerabilities — closed-source, no public source code. Per Anthropic, Mythos Preview produced PoCs for 18 of them. First PoC in 31 minutes. All 18 in 6 hours. 8 complete privilege escalation chains to SYSTEM. A technical caveat: Ghidra decompilation was pre-computed offline, and the published times are best of 3 attempts, not averages.
The cost, per Anthropic: $15.7K in API credits for the 8 complete chains. Approximately $2K per privilege chain. The 18 PoCs cost $2.2K total. The bottleneck is no longer technical skill — it is inference budget and API access.
Vendor Risk Classification Does Not Predict Exploitability
Per Anthropic, of the 21 kernel vulnerabilities tested, 14 were classified by Microsoft as "Exploitation Less Likely" or "Exploitation Unlikely." Mythos Preview produced PoCs for 13 of those 14. And it built a complete privilege chain for a vulnerability classified as "Exploitation Unlikely."
At Tech86, this confirms what we have seen in practice: vendor risk classification is a weak indicator of real exploitability. Vulnerabilities labeled "unlikely" are exploitable when chained. AI does not respect labels — it tests combinations until it finds a functional path.
The Patch Window vs. Exploit Speed
Per Microsoft, Windows Autopatch takes 7 days to distribute patches to 90% of enrolled devices. 11 days to force reboot. Mythos Preview finishes all exploits before any enrolled device receives the fix.
The math is unforgiving: 31 minutes for the first PoC versus 7 days for 90% patch coverage. The monthly patch cycle — and even accelerated Autopatch — is structurally slower than AI-driven exploit development speed. This is not a question of effort. It is a question of process physics.
Consistency Matters — and It Is the Achilles Heel
Per Anthropic, across 50 attempts per CVE, Mythos Preview solved only 7 of 18 in every attempt. The published times are best of 3 attempts, not averages. AI dramatically accelerates, but it is not deterministic.
This nuance is critical. We are not facing a system that solves every vulnerability every time. We are facing a system that, with enough attempts, solves most of them — and the cost per attempt is low enough that trying 50 times is viable. Non-determinism is a mitigating factor, but not a defense. When the cost per chain is $2K, trying 50 times is a question of budget, not capability.
What Changes for Infrastructure Defenders
Per Anthropic, public models with safeguards disabled also produce functional exploits — fewer, but they produce them. Mythos Preview is not publicly available, restricted to about 50 Project Glasswing partners, per Anthropic. But Opus 4.6 built 2 Firefox exploits on its own, per Anthropic. The access barrier is falling.
The test measured exploit development speed, not full campaign speed. Target discovery, delivery, and detection evasion still take time. But the most expensive and time-consuming step in the cycle — exploit development — was compressed from weeks to hours.
The reading Anthropic presents is that the concept of N-day has become dangerously misleading, and N-hour is closer to the reality we now operate in. At Tech86, the reading is clear: cost per exploit chain dropped to $2K, time dropped to hours, and vendor risk classification does not predict exploitability. The monthly patch cycle has become structurally inadequate for the speed of AI-driven exploit development. If your defense depends on day-long windows, you are operating on a premise that no longer matches reality.