Scaling Intelligence: The Security Foundations Beneath America’s AI Ambitions Are Cracking

(Vinh X. Nguyen – Council on Foreign Relations) Two bolts of lightning have struck the cybersecurity landscape in six months. In November 2025, Anthropic disclosed that Chinese state-sponsored actors had used its Claude model to run a largely automated cyberespionage campaign; the AI performed 80 to 90 percent of the work across roughly thirty targets. In April 2026, the same company revealed that its Mythos model had autonomously discovered thousands of previously unknown vulnerabilities in every major operating system and browser—a capability the company deemed significant enough to withhold from general release. Between strikes, the steady rain has begun. The rain is AI itself—diffuse, constant, soaking every institution. Much of it nourishes science, software, and defense. But the same rain falls on weakened ground. CrowdStrike documented an 89 percent year-over-year increase in AI-enabled adversary operations. Mozilla’s application of Mythos to Firefox surfaced 271 vulnerabilities in a single evaluation that would have taken elite researchers years to find. Governments and boardrooms are patching, monitoring, and reinforcing. But the harder question is whether the United States can scale what it intends to build with confidence that the ground beneath it will bear the weight. Leadership in AI will not be decided by who trains the largest models. It will be decided by who can deploy them most deeply into the systems that generate advantage, and that depends on whether the foundations can withstand what is now being asked of them. – Scaling Intelligence: The Security Foundations Beneath America’s AI Ambitions Are Cracking | Council on Foreign Relations