Agentic AI systems are increasingly being deployed in defence and security networks, but this introduces new attack surfaces — illustrated by reports that an unauthorised group claimed access to Anthropic’s Claude Mythos model within hours of a limited technical preview. The incident highlights that AI capabilities in high-stakes environments are only as secure as the infrastructure underpinning them. Without robust access controls, segmentation, and identity governance, agentic AI deployments can become a significant liability rather than a force multiplier.

Architect’s Take: Before onboarding any agentic AI model into sensitive or defence-adjacent environments, conduct a thorough access control review: enforce least-privilege API access, implement strict identity verification for model endpoints, and ensure AI workloads are isolated within dedicated network segments with full audit logging enabled.

Original advisory: Agentic AI Is Transforming Defense, But Only Secure IT Infrastructure Will Maximize It

This is a webinar featuring HD Moore, creator of Metasploit, focused on shifting security strategy away from reactive patching and towards understanding network exposure and attack paths. The core argument is that zero-days and AI-generated exploits make ‘patch everything in time’ an unrealistic goal. What matters more is controlling what an attacker can reach once they’re inside — a principle of blast radius reduction.

Architect’s Take: Use this as a prompt to audit your network segmentation and lateral movement paths in cloud environments — map east-west traffic flows, review VPC peering and transit gateway configurations, and validate that microsegmentation or zero-trust controls are actually limiting what a compromised workload can reach.

Original advisory: Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore