ACSC Publishes Guidance on Frontier AI Cyber Threat Landscape

As frontier artificial intelligence (AI) technology matures and becomes more accessible, the cyber threat landscape will evolve rapidly alongside new model releases. Anthropic’s blog post (7 th April 2026) provides an illustrative example of what frontier AI technology could mean for the cyber security community and how we can collectively respond.

These developments are not unexpected. Over the past two years, AI capabilities have advanced rapidly, with OpenAI warning as early as December 2025 that forthcoming frontier models will pose a high cyber security risk. It is important to remember that there are also opportunities for the cyber security industry to use these frontier models to mitigate cyber threats before they occur, a sentiment shared by the National Cyber Security Centre – United Kingdom (NCSC-UK) in their recent blog post.

Software has always contained vulnerabilities – most minor, some severe. Discovering and exploiting serious vulnerabilities has traditionally required rare expertise, deep system knowledge and significant time. As a result, many vulnerabilities have remained undiscovered and unexploited for years.

AI is changing this dynamic. As each successive generation of frontier model demonstrates greater proficiency in reading, reasoning about and manipulating code, the cost, effort and expertise required to discover and exploit vulnerabilities in software is steadily decreasing. According to Anthropic, Claude Mythos has discovered long‑standing vulnerabilities that have survived decades of human review and millions of automated tests, and in some cases resulted in the development of sophisticated exploits.

Anthropic’s Project Glasswing: Securing critical software for the AI era is an example of the cyber security benefit that AI can bring. These frontier models are not creating new vulnerabilities; they are identifying those that already exist. By ensuring these frontier models are used to remediate vulnerabilities in software before they can be exploited, the end result is more secure software that is harder to exploit.

Defending our technology infrastructure

In preparation for the continued release of improved frontier models with enhanced capabilities, organisations should continue to focus on good security practices. Although no mitigation strategy can provide complete protection, organisations should implement a strong cyber security baseline aligned with ASD’s Information security manual (ISM) and the Essential Eight, to materially reduce cyber security risk.

Organisations are encouraged to pay particular attention to the following mitigation strategies and consider how best to apply them within their environment:

• Reduce attack paths and attack surfaces Organisations should assess which systems are exposed to external networks and whether such connectivity is operationally necessary. Where connectivity is necessary, organisations should minimise attack paths by restricting network access or applying appropriate isolation, such as network segmentation and segregation, to limit potential pathways for compromise. Organisations should also limit attack surfaces by only using software, hardware and services from reputable suppliers that have demonstrated a commitment to the security of, and transparency for, their products and services. If this has been done previously, organisations should reconsider their security posture for these systems in light of the changing cyber threat environment and engage with vendors to confirm their approach to using AI tools to identify and patch vulnerabilities. For more information, please refer to the Guidelines for system hardening chapter within ASD’s ISM and ASD’s Implementing network segmentation and segregation publication.
• Patch everyday Organisations should remove or replace software that is no longer supported by vendors. As vendors become faster at identifying and remediating vulnerabilities an increased tempo of patch releases is expected. Organisations should adopt a patch every day mentality to ensure these patches are applied as quickly as possible, particularly for software, hardware and services exposed to the internet. Organisations may benefit from considering more regular patch and outage windows to facilitate this and should reconsider risk tolerance for patch testing windows prior to deployment. Consider applying all patches regardless of severity ratings, as lower severity vulnerabilities can be chained together and severity assessment processes may not keep pace with the rate of vulnerability identification, limiting the availability of assessed severities. Consider the use of software-as-a-service cloud services from reputable cloud service providers, to shift the burden of patching away from organisations. These activities will become more important as AI-enabled attack capabilities become more widely available. For more information, please refer to the Guidelines for system management chapter of ASD’s ISM, and ASD’s Strategies to mitigate cyber security incidents and Patching applications and operating systems publications.
• Use AI to identify vulnerabilities Organisations that develop software should ensure they are implementing a Secure by Design and Secure by Default approach. Follow best practice for secure software development and consider how frontier models can be used to strengthen code before it is deployed into production. For more information, please refer to the Safe software deployment: How software manufacturers can ensure reliability for customers publication.
• Implement layered security Resilience to AI-enabled attacks cannot be achieved through a single solution and requires a defence‑in‑depth approach, aligned with ASD’s guidance on modern defensible architectures. Organisations should continue to implement improvements that align to a layered architecture with clear traceability between business objectives, security goals and technical design decisions, supported by security principles such as ‘never trust, always verify’ and ‘assume breach’. Organisations should also adopt Secure by Design practices, embedding a security‑first mindset into the procurement, development and deployment of software, hardware and services. For more information, please refer to ASD’s Secure by Design guidance.

Conclusion

AI will have a disruptive effect on the traditional cyber security ecosystem, changing the way we defend our technology infrastructure. By harnessing the cyber uplift capabilities of AI, we will be able to achieve more secure outcomes. As organisations transition to an increasingly AI-enabled world, good cyber security practices remain critical.

The Australian Signals Directorate's Australian Cyber Security Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

Details are available through our Partnership Program.
To report a cyber security incident, visit cyber.gov.au or call 1300 292 371 (1300 CYBER1).