On June 11, 2026, I led an in-depth discussion at AGI Bar in Shanghai with more than thirty security practitioners about the cyber capabilities Mythos demonstrated. When agents can continuously perform asset discovery, vulnerability analysis, PoC/EXP writing, path reasoning, and operational orchestration, how should cybersecurity be rebuilt? This post starts from attack-chain compression, introduces the defender's equation in the AI era, and outlines short-term capabilities such as asset inventory, continuous red team validation and vulnerability scanning, and automated security operations, plus long-term paths toward reachability governance, blast-radius compression, and Agent Skill engineering.

Anthropic launched Project Glasswing and Claude Mythos Preview, demonstrating formidable automated vulnerability capabilities across OpenBSD, FFmpeg, the Linux kernel, and more. This post asks where security practitioners should anchor their value as execution-layer skills become increasingly automatable—from “doing the work” to “deciding what work matters,” why higher-level judgment resists replacement longer, and how mastering AI agents becomes the new universal baseline.

The coming era is likely to be the most dramatically changing period in human history. The greater our inertia, the further we might slide down the wrong path. Breaking inertia and embracing change is the most important thing for 2026 and beyond.