COMMENTARY: I've spent 25 years in this industry at Proofpoint, McAfee, and Intel. I've learned to read the announcement inside the announcement.
So, earlier this year when
Anthropic disclosed that
Claude Opus 4.6 autonomously discovered more than
500 zero-day vulnerabilities in open-source software, the headline was about defensive capability.
[
SC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Read more Perspectives here.]
The actual signal was about where sophisticated attackers are moving next – and most security teams aren't tracking it.
What the vulnerability story gets right, and what it misses
Today, AI-native vulnerability discovery now reasons across large codebases the way a skilled researcher would, understanding how components interact rather than matching against known signatures. Both sides can deploy equivalent tooling.
But the symmetric acceleration argument obscures an asymmetry that matters far more. Attacker time-to-exploit after discovery now approaches hours. Defender time-to-patch in production still takes weeks.
When both sides discover the same vulnerability simultaneously, the attacker arrives first. Every time. More surface area, narrower windows, same structural disadvantage for defenders.
Rational threat actors don't keep fighting harder on a more contested surface. They find the one that's still undefended. Right now that surface is organizational trust: the communication patterns, relationship networks, and approval workflows through which enterprises actually function.
HackerOne's 2026 report documents a 540% increase in prompt-injection attacks in 2025 alone. This isn't a prediction. It's already happening.
Where attacks have already moved
In our threat intelligence work, analyzing thousands of sophisticated email attacks monthly, the shift has been visible and measurable. The most advanced campaigns we're tracking aren't targeting systems. They're targeting the organizational model: who talks to whom, who approves what, what legitimate communications look like from the inside.
The Anthropic
espionage disclosure from November 2025 confirmed what we'd been observing at the attack layer. A state-sponsored group used Claude Code to run up to 90% of a full espionage operation autonomously. Recon, credential harvesting, lateral movement, exfiltration, without meaningful human intervention. That's not a faster version of an existing attack. That's a complete autonomous operation built on accumulated organizational intelligence.
Data isn't the trophy for sophisticated actors. It's the ammunition. A single email address has limited value. Add communication style, organizational hierarchy, approval workflow timing, and trusted relationship graphs, and we have the raw material for attacks that yield seven figures. Each additional data point about a specific target multiplies attack value rather than adding to it.
The most dangerous operations generate no alerts for months. They build a behavioral model of an organization from external fragments, waiting for the position to mature.
A deepfaked CFO voicemail cost one financial institution $25 million in 2024. By end of 2026, that attack will be routine.
The architecture question most teams miss
When an email security platform makes a detection decision, what data does it actually reason against?
If it’s a cross-customer signature database, patterns aggregated from thousands of other organizations, there’s a problem. The most sophisticated attacks targeting an organization are designed by actors who already know what generic enterprise communications look like. Our vendor's cross-customer baseline represents information they've already priced into the attack design.
Our organization possesses something no external actor can reconstruct: our specific internal behavioral reality. Who actually communicates with whom, in what register, at what frequency. Whether the CFO initiates wire requests directly or always routes through finance operations. What legitimate executive communications actually look like from the inside, not what they look like in aggregate across thousands of other enterprises.
That internal data has become the foundation of a defense sophisticated attackers cannot design around. Most security platforms never access it.
The attacker reasons against the specific. The defender reasons against the generic. That’s the gap where the breach lives.
The practical test
Run a proof-of-concept against live organizational traffic. Not a vendor-curated sample set, not a lab demonstration. Real email volume, real behavioral baselines, real detection against what the organization actually faces.
The gap between what our existing tool catches and what a contextually-aware system identifies isn't theoretical. It's our quantified risk exposure.
If our vendor requires months of integration before meaningful detection becomes possible, that's an architectural signal. Their detection logic can't get built dynamically from live data. That's not a deployment inconvenience. It's a capability constraint. A platform that achieves meaningful detection within minutes of deployment builds that organizational model dynamically from live data – and that’s what the today’s threat environment actually requires.
Anthropic proved that AI functions as a complete attack platform, not an accelerant. An autonomous operator. The same AI that autonomously found 500 zero-days in controlled testing can autonomously build a behavioral profile of our CFO and generate an impersonation that passes every human review.
We still need software vulnerability management, but most capable threat actors are exploiting organizational trust: the communications layer through which enterprises authorize decisions, move capital, and extend access. The security leaders who build their evaluation criteria around that reality are the ones who stay ahead of the breach, not explaining it after the fact.
Alan LeFort, co-founder and CEO, StrongestLayerSC Media Perspectives columns are written by a trusted community of SC Media cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.
