Hacker News

halJordan, yesterday at 10:41 PM

Mythos actually does change that calculus. Going forward, with access to a Mythos-caliber LLM, actors are not tied to bad configs or lazy admins for access. I get that the BS is real. But it's important for you to not rest on your laurels, having recognized that salesmen sell. You actually have to pay attention to and understand the new developments in your field. It's sad that the marketing department is doing a better job than you in that manner.


Replies

adam_arthur, today at 4:29 AM

Mythos finds exploits largely by reading source code.

Your open source dependencies may need to be version bumped quickly, but most companies are not going to be immediately exploitable without a large-scale source code leak, and an attacker motivated to spend large amounts of money/compute on finding lucrative exploits (not just any exploits).

To me the reaction has been way overblown, though again, very real for large-scale open source projects.

And going forward there's not going to be as many issues due to using models defensively, e.g. this vulnerability spike is likely a one-time event.

So the fear porn is a bit much.
