Using Frontier Models Offensively and What This Means For You
AI has never been more dangerous to you and your digital assets.
In the world before AI, software vulnerabilities were hard to detect. It would take weeks, months, and sometimes even years for developers to uncover weaknesses in their software. Some were never discovered until it was too late. These are called zero-day vulnerabilities, meaning an attacker has already discovered them before the developer and there is no patch available. Attackers immediately design malware to exploit these flaws. By the time developers create patches and users apply them, hundreds of systems may already be compromised.
Zero-day vulnerabilities are not easy to detect. Finding them requires significant time and resources, and most discoveries are attributed to well-funded hacking organizations such as state actors or APTs (Advanced Persistent Threats). These are highly organized, often state-sponsored groups with dedicated infrastructure designed specifically to uncover and exploit these gaps.
The vulnerability landscape has shifted rapidly in 2026 with the advent of new frontier models that are exceptionally good at detecting system vulnerabilities, such as Anthropic’s Mythos. These tools have reduced detection time from months to hours or even minutes, and can design exploits almost in real time. With the power of AI, they can also design attack paths by aggregating multiple low-severity vulnerabilities into critical ones. The speed at which an attack can be mounted has dropped dramatically, leaving defenders with almost no time to react. Not only can these models find vulnerabilities in code, but they can also be used to create agents for automated attack execution. APTs are particularly interested in these capabilities and will almost certainly attempt to overcome the guardrails on frontier models to use them offensively.
Organizations will have a tough time adapting their approach to vulnerability management, both in processes and tools. Detection must become continuous, and patching has to happen in near real time. If an organization relies on strict change management processes to apply patches, it will leave thousands of systems exposed until the next change window.
Attackers do not use change windows to mount their attacks, nor do they wait 30, 60 or 90 days until you patch your systems.
Detection times measured in minutes need to drop into single-digit territory. Anything slower is risky exposure.
But what does this mean for individual users, outside the office?
Home networks.
High-speed internet at home has become ubiquitous. Hundreds of millions of Wi‑Fi routers around the world gate access from the internet into our home networks, where all our digital devices live: computers, laptops, tablets, TVs, vacuum cleaners, and even light bulbs.
A recent attack by APT28 (the Russian GRU 85th Main Special Service Center, also known as Fancy Bear) exploited a vulnerability in TP-Link routers that allowed attackers to change DNS resolvers on the devices. This enabled them to reroute traffic from home devices to malicious websites, such as fake Outlook Web Access portals. There, attackers harvested user credentials and other sensitive information. It is estimated that Fancy Bear had been doing this since 2024, without detection until April 2026.
This example highlights the weaknesses in SOHO devices. But these devices are rarely the final target. Infiltrating a home network is about exploiting vulnerabilities across the entire ecosystem of home hardware: that Android TV you still use even though it has been out of support for five years, or that robot vacuum cleaner that hasn’t received a security update in years.
Once breached, the initial objective is lateral movement into a more valuable target like your home computer, to harvest credentials, extract data, or simply conscript the system into a botnet used to launch further attacks. These intrusions are not obvious. We are no longer in the era where a virus announces itself by rebooting your computer endlessly. You may never know your network has been compromised. Malware can lurk for years, quietly exploiting your devices and the data they hold.
In nature, a virus does not intend to kill its host, but to feed on it for as long as possible.
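A defensive check for the router DNS change described above, as an added example that is not part of the original post: it audits the resolvers a client received against the ones the household chose. The expected resolver list and the sample file contents are assumptions constructed for illustration.

```python
import ipaddress

# Assumption: resolvers this household chose on purpose (router + one public).
EXPECTED_RESOLVERS = {"192.168.1.1", "9.9.9.9"}

# Ranges that stay on the local host or LAN; anything else is internet-hosted.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8",
    "169.254.0.0/16", "fc00::/7", "fe80::/10", "::1/128")]

# Constructed sample. 203.0.113.7 is a documentation address standing in for
# an internet-hosted resolver that nobody in the household configured.
SAMPLE_RESOLV_CONF = """\
# generated by DHCP client
nameserver 192.168.1.1
nameserver 203.0.113.7
nameserver fe80::1%eth0
nameserver not-an-ip
"""

def parse_nameservers(text):
    """Return the nameserver entries of resolv.conf-style text, in order."""
    servers = []
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(";", 1)[0].split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            servers.append(parts[1])
    return servers

def audit_resolvers(text, expected=EXPECTED_RESOLVERS):
    """Label each resolver: ok, unexpected-local, unexpected-public, invalid."""
    expected_ips = {ipaddress.ip_address(e) for e in expected}
    findings = []
    for server in parse_nameservers(text):
        try:
            ip = ipaddress.ip_address(server.split("%", 1)[0])  # drop zone id
        except ValueError:
            findings.append((server, "invalid"))
            continue
        if ip in expected_ips:
            status = "ok"
        elif any(ip in net for net in LOCAL_NETS):
            status = "unexpected-local"
        else:
            status = "unexpected-public"
        findings.append((server, status))
    return findings

if __name__ == "__main__":
    for server, status in audit_resolvers(SAMPLE_RESOLV_CONF):
        print(f"{status:18} {server}")
```

An "ok" result for the router's own address only shows that the client points at the router; the upstream DNS servers configured on the router itself still have to be checked in its admin interface.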
Websites / web blogging.
Despite popular belief, the blog is not dead. As of April 2026, roughly 42.5% of all websites on the internet run on WordPress. That makes for about 590 to 605 million sites globally.
WordPress is also the most attacked CMS in the world. While WordPress itself is a solid platform with continuous support, plugins and themes are particularly vulnerable. Hundreds of thousands of plugins are effectively insecure, abandoned by developers or unsupported for years. The same applies to themes. Anyone can create one, but most are not updated regularly. Even when they are, AI-enabled attack frameworks make it nearly impossible for amateur developers without significant resources to discover and patch vulnerabilities in time, leaving these sites exposed.
An estimated 92% of successful WordPress compromises originate from plugin or theme vulnerabilities.
Attackers’ goals vary from monetization through crypto-miners, to data theft, to spam campaigns, or simply reusing compromised infrastructure to launch additional attacks.
Vibe coding.
AI has recently democratized code creation, allowing virtually anyone to “code” using just natural language. This has unlocked opportunities for people to build software who never could before, but it has also opened new avenues for attack.
Just because code works does not mean it’s secure.
Most AI coding assistants prioritize functionality over security. Organizations put the code they develop through a process called the Software Development Lifecycle, which integrates security early in development. This is something amateur vibe coders would not do.
If the creator doesn’t explicitly consider security, vulnerable code makes its way into the final product. Once exposed to the internet, such software becomes an immediate target for automated attack tools that are constantly scanning for new victims. If deployed in a home network, it will introduce risk which an attacker might exploit when moving laterally after overcoming initial defenses.
Conclusion
Things are not looking good for organizations and individual users alike. The weaponization of frontier AI models turns the whole internet into fair game for attackers. The good news is that defenders benefit from the same tools, making this a constant game of cat and mouse.
This might seem overwhelming. So, what can you do in such a complex threat environment?
Enforce the fundamentals:
Patch everything immediately. Turn on automatic patching.
Change your passwords regularly and always use MFA. Use a password vault.
Encrypt your data if possible. Use a password vault to store keys.
Don’t run day to day on admin accounts.
Uninstall unused apps/services. More apps - more attack surface.
Always use software from reputable sources/don’t click on shady links. Rule of thumb: if it sounds too good to be true - it’s not.
Back up your data (always!). Turn on automatic backups/use a cloud storage service. Don’t rely solely on offline backups.
Last but not least - keep yourself and loved ones safe. Life is more precious than data.


Very insightful! Keep em coming!
Despite this sounding very scary and concerning for the future, at the same time it is not. The average person that uses AI will always be vulnerable to exploits, just as much as the average person was vulnerable to scams in the dial-up era. Some things never change.