The AI Your Marketing Stack Runs On Is Now a Security Problem. Brand Leaders, Pay Attention.


A few days ago, Anthropic announced something most marketers scrolled past: a new frontier model called Claude Mythos Preview, released not to the public but to a gated group of security partners under a program called Project Glasswing. The headline that caught the security world's attention: Mythos can autonomously find and exploit zero-day vulnerabilities across every major operating system and web browser, including a 27-year-old bug in OpenBSD and a 16-year-old flaw in FFmpeg that decades of human reviewers and automated fuzzers had missed.

If you're a CMO, Brand Director, or founder reading this and wondering why I'm writing about kernel exploits on a marketing blog, stay with me. This is the most important story in our industry right now, and almost nobody on the marketing side is talking about it.

The part nobody on the marketing side is saying out loud

Your marketing stack is a software stack. HubSpot, Klaviyo, Meta Ads Manager, Shopify, GA4, Looker Studio, Airtable, Zapier, the fourteen AI copywriting tools your team trialed last quarter, the Chrome extensions your media buyer installed without asking, all of it is code. All of it is sitting on top of libraries, APIs, and integrations that were written by humans and reviewed by humans and, until very recently, could only be audited at the speed of humans.

That speed just changed. Anthropic's own security team used Claude Opus 4.6 to find over 500 previously undetected vulnerabilities in production open-source code that enterprise applications depend on. Mythos Preview, the successor now in gated release, is meaningfully better. And the same capabilities that let defenders find those bugs let attackers find them too. Anthropic has been explicit about this tradeoff, which is why Mythos is restricted to vetted partners like CrowdStrike and select open-source maintainers rather than shipped to everyone with a credit card.

Here's the part that should matter to brand leaders: the gap between "a vulnerability exists" and "a working exploit is in the wild" has collapsed from weeks to hours. One documented case turned a known CVE into a working privilege escalation exploit in under a day for less than $2,000 in compute. That is not a future problem. That is the current operating environment for every SaaS vendor in your stack.

Why this is a brand problem, not just an IT problem

I've spent fifteen years in performance marketing, and I can tell you with certainty: the average marketing team's vendor vetting process is a demo, a pricing call, and a thumbs-up from whoever champions the tool. Security review, if it happens at all, happens at the enterprise tier and usually only because procurement forces it.

That worked when the worst-case scenario was "this tool is kind of clunky." It does not work when the worst-case scenario is "this tool's third-party dependency had a ten-year-old bug and your customer database is now on a forum."

And make no mistake: when that happens, it is a brand problem. Customers do not distinguish between "we were breached" and "our email service provider was breached and our list leaked." They see the logo on the apology email, and the logo is yours. The trust equity you spent years building on thoughtful creative, consistent voice, and genuine community gets cashed out overnight because someone in ops picked a vendor based on a G2 review.

What I'm doing about it, and what I'm recommending to clients

This isn't a "panic and rip out your stack" post. It's a "grow up about vendor risk" post. Here's the framework I'm now running my own agency and client engagements through:

1. Build a real vendor inventory. Most marketing teams cannot produce a complete list of every tool touching customer data in under a week. That's the first problem. You cannot vet what you cannot see. I keep a living Airtable for every client that catalogs every MarTech vendor, what data it touches, who owns the relationship internally, and when the contract renews. It takes an afternoon to build and it is the single highest-leverage thing a Brand Director can do this quarter.

2. Ask vendors the uncomfortable question. When I'm evaluating a new tool, I now ask directly: "What is your process for incorporating AI-assisted security review into your codebase? Are you using reasoning-based vulnerability scanners or only pattern-matching SAST tools?" The answers tell you everything. Vendors who look confused are vendors who are going to be on the wrong side of the next disclosure cycle. Vendors who have a real answer, who can talk about Claude Code Security, or Semgrep, or whatever reasoning-layer tool they've adopted, are vendors who understand the world they're operating in.

3. Stop treating "enterprise-grade" as a meaningful phrase. It means nothing. SOC 2 compliance means a vendor passed an audit at a point in time against a checklist that was designed before reasoning-based exploit generation existed. Ask for their incident response timeline. Ask when they last rotated their signing keys. Ask if they subscribe to responsible disclosure programs. If they cannot answer in plain English, they are not enterprise-grade, regardless of what their sales deck says.

4. Own the customer communication plan before you need it. I now include a "vendor breach response draft" in every brand playbook I build. Who sends the email. What the subject line is. Which executive signs it. What we say in the first 24 hours versus the first 72. The worst time to write that document is the day you need it. The best time was last quarter. The second-best time is this week.

5. Push back on the "AI tool of the week" culture on your own team. I love experimenting with new AI tools. I also know that every free trial your junior copywriter signs up for is another surface area, another set of terms of service nobody read, another place your brand voice guidelines and unreleased campaign briefs might be sitting in someone's training data or, worse, their breach disclosure. Centralize AI tool adoption. Require approval. Yes, it feels bureaucratic. It is bureaucratic. It is also the job.

The bigger picture


We are living through a genuine inflection point in software security, and the marketing industry is, characteristically, the last to notice. Anthropic restricting Mythos Preview to Project Glasswing partners is not paranoia. It's an acknowledgment that the same reasoning capability that finds a 27-year-old bug in OpenBSD can find one in the API your email platform uses to send a welcome sequence. The defenders got there first this time. They will not always get there first.

Brand leaders who treat this as "an IT thing" are going to be the ones explaining a breach to their board in eighteen months. Brand leaders who treat it as part of their actual job, which is protecting the trust customers place in a logo, are the ones who will still have a brand left to lead.

This is exactly the intersection I think about every day: creative direction, performance marketing, and systems thinking. Most people in our industry specialize in one. The ones who will matter in the next five years operate across all three, and that now includes being fluent enough in the security conversation to ask vendors hard questions and walk away from the ones who flinch.

If you're a founder or marketing leader looking at your stack this week and realizing you don't actually know what's in it, that's where to start. Not with panic. With an inventory.
