In summary:
- Macworld explores how advanced AI models like Anthropic’s Mythos are revolutionizing cybersecurity by identifying software vulnerabilities at unprecedented scale.
- Major tech companies including Apple, Google, and Microsoft are collaborating through Project Glasswing to leverage AI for proactive security improvements.
- Mythos discovered 271 additional vulnerabilities in Firefox after finding initial flaws, suggesting Apple devices may become significantly more secure within two years.
Software security is a nightmare. You’ve probably noticed that every few weeks, there’s an update for your Apple devices that patches dozens of vulnerabilities, and it never seems to stop. Modern software is so complex and so interconnected with other software that it’s almost impossible to keep up with the threats.
The “attack surface” of any system is the sum of all the places where it could be attacked. It’s all the code a hacker could find a hole in to compromise your device, program, software, or service. And with the growing size and scope of code, together with expanded libraries, APIs, and middleware, the attack surface of modern code is vast.
It’s the job of security engineers at companies like Apple to find and fix all the potential security flaws, but it’s a job too big. Hackers only have to find a single unknown flaw, while the security engineers have to find and fix all of them.
This gives the attackers a major advantage. It has meant that software security has become less about closing every hole than about raising the bar for attackers, making exploits so difficult and expensive that they at least become rare.
But all that is about to change.
AI coding agents are changing the rules
AI coding agents have gotten really good. In fact, in many areas, they’re better than your average programmer, and in some areas better than all but the best experts. Anthropic’s AI model Opus and the Claude Code tool are considered among the best. The folks at Mozilla used Opus 4.6 to scan through the Firefox codebase and found 22 security-sensitive bugs.
Think about that. This is a browser company with a team of experts whose job is to find and fix vulnerabilities, and this AI agent was able to find problems that led to 22 more fixes.
It goes further. Anthropic’s next model is Mythos. It’s not released yet, but the company says it’s much better at code analysis and generation than the current Opus 4.7 model. So Anthropic put it to the test. In an effort dubbed Project Glasswing, Anthropic gave security researchers at Apple, Google, Microsoft, Cisco, the Linux Foundation, Amazon Web Services, and a few others early access to the Mythos model, along with a fund to spend on finding and fixing security holes.
How good is Glasswing? That same team that used Opus 4.6 to find and fix 22 security bugs in Firefox then got access to the Mythos preview. Firefox version 150 has fixes for 271 vulnerabilities found by it. That’s right, after Opus found 22 security bugs, Mythos found 271 more!
Firefox says “just one such bug” would have been cause for serious alarm in 2025, and “so many at once make you stop to wonder whether it’s even possible to keep up.”
Leveling the playing field
The Mythos AI model is such a good coder that Anthropic is making sure critical companies get a chance to use it before it is released, specifically to test its ability to find and fix software security vulnerabilities.
It’s so good, in fact, that it could be dangerous. Bad actors can already use public tools on code repositories like GitHub to find vulnerabilities and exploit them, rather than fix them. Imagine them having access to a much, much better AI agent. You can see why Anthropic feels Mythos is too dangerous to release to the public right now, and why it’s working with a limited number of critical companies to provide access so they can shore up their software first.
Eventually, AI coding agents as good as Mythos, or better, will be widely available. That’s a security nightmare, right? Quite the opposite. It means security engineers at the world’s biggest companies are no longer at a massive disadvantage.
Currently, there is so much code and so much software interoperability in all our devices that it’s impossible to secure them all. Hackers have all the time in the world and only have to find one flaw. Security researchers are limited in number and have to fix problems before they’re exploited. But AI agents can operate at scale. They can give the world’s biggest software vendors the equivalent of thousands of expert security programmers with the capacity to scrutinize everything before it is released to the public.
Yes, advanced AI coding agents let the bad guys operate at a greater scale, but they also let the good guys find and fix problems just as efficiently. It’s an advantage they’ve never had before, and with the ability to work on code before it is released, the “defense” in the cybersecurity race may actually gain a big advantage over the “offense” for once.
Combine this with the ability for security researchers to work with the handful of companies capable of making AI coding agents this advanced, to build in safeguards that make their public versions less useful for bad actors, and we could be entering a golden age of cybersecurity.

What’s next for Apple users
The last few major OS updates from Apple have been loaded with security updates. There were dozens of fixes in iOS 26.3 and dozens more in 26.4.
In the short term, we can expect the OS 27 updates this fall to close more security holes than ever before, and probably some OS 26 updates to bring these fixes to older devices. I wouldn’t be surprised to find that, sometime in the next six months, we get an OS update from Apple that has 100 or more security fixes.
We’re in a scary transition period where AI is helping the hackers as much as it’s helping the software creators. But this transition will be fleeting as old software libraries, the foundation for so much modern software, are shored up.
Within a year or two, our devices, software, and the services we use should be safer than ever, at least on a technical level. Now if we could just get people to stop using “123456” and “admin” as their passwords.



