What Time Is It Really?

Cătălin Lichi · Sugau · June 2026


The last three articles established the diagnosis.

Humanity built the most capable autonomous hacker in history as a side effect of building a better reasoning system. The same capability exists, or will exist shortly, in the hands of adversaries who face no disclosure obligations, no safety architecture, no coordinated vulnerability windows, and no board of directors asking uncomfortable questions about liability.

The water has receded. The wave is on the horizon. The 6% patch rate means the beach is full of known vulnerabilities waiting to be activated.

You’ve read it. You’ve understood it. You’ve forwarded it to someone.

Now what?

This article is not more fear. The fear is established and it is warranted. This article is for the CTO who read the diagnosis and is now sitting at their desk asking the only question that matters after a correct diagnosis: what do I actually do, and is it too late to do anything?

The answer to the second question is: it depends on what you’re trying to catch.


Your Watch Is Set to the Wrong Time Zone

The standard enterprise response to a threat of this magnitude runs on a specific clock. Awareness brief to the security team. Risk assessment commissioned. Results presented to the board in Q3. Budget allocation approved for Q1 next year. Implementation begins Q2. Review scheduled for Q4.

That clock was designed for a threat environment where attacks evolved at human speed. Where finding a critical vulnerability took months. Where the window between a threat being identified and it being weaponised was measured in quarters, not hours.

That clock is now running approximately two years behind real time.

Not because the people running it are incompetent. Because the clock itself was built for a different world and nobody has replaced it yet. Most organisations are standing in the station reading a departure board that was accurate in 2022, holding coffee, watching for a train that left while the timetable was being printed.

Resetting the clock does not mean panic. It does not mean abandoning everything in motion. It means understanding precisely which decisions are still catchable and which ones have already left the station — and acting on that distinction with the urgency the actual timeline warrants, not the urgency the procurement cycle allows.


What Has Already Left the Station

Some things cannot be recovered regardless of what you do today. Understanding this clearly is not defeatism. It is the prerequisite for spending your energy on what is actually catchable.

The vulnerability landscape has changed permanently. The 10,000+ critical vulnerabilities Glasswing found in the world’s most important software exist whether you act on them or not. The ones in software you run are in your stack today. A Mythos-class model — defensive or offensive — will find them in hours when pointed at your infrastructure. The question is who points one there first.

The adversarial capability timeline cannot be reversed. Anthropic crossed the threshold. Other laboratories will cross it. The capability exists in the world now. No policy, no export control, no international agreement changes that fact. The only variable is what you do with the window that remains between now and the moment adversarial deployment at scale becomes operationally confirmed.

The talent and blueprint transfers have already happened. ASML’s EUV knowledge, TSMC’s process expertise, the foundational AI research pipeline running through Western universities for two decades — that transfer is complete. The hardware constraint is real but softening. Acting as if the gap is static is reading a timetable printed two years ago.

Knowing what has already left the station prevents you from spending resources trying to catch it. That energy belongs elsewhere.


What Is Still Catchable — But Only Just

This is the part that matters. There are three things still within reach for an organisation willing to act on the actual timeline rather than the procurement cycle.

The patch window is still open. Barely.

Of the 1,596 vulnerabilities Glasswing disclosed to open-source maintainers, 97 have been patched. The remaining 94% are sitting in coordinated disclosure windows — known, documented, exploitable by anyone who finds them independently. Those windows close as patches ship. But patches ship at the rate human maintainers can process them, which is slower than the discovery velocity by orders of magnitude.

The organisations that deploy Fable-class models against their own infrastructure now — before the adversarial equivalent is confirmed operational — find what the adversary would find, on their own timeline, with the ability to remediate before activation. That window is open today. It will not be open indefinitely.

This is not a scheduled activity. It is not a Q3 initiative. It is something that should have started the week Glasswing results were published and can still start this week if the decision is made today.

The attack surface can still be reduced.

Not eliminated. Reduced. There is a meaningful difference between an infrastructure that has been deliberately architected to minimise exploitable surface and one that has accumulated attack surface over years of convenience-driven decisions.

Every external-facing service that does not need to be external-facing is an unnecessary exposure. Every dependency whose provenance is unknown is an unaudited risk. Every authentication system resting on libraries that haven’t been reviewed since they were installed is a liability with an unknown due date.

Mapping the actual attack surface — not the theoretical one in the architecture diagram, the real one as it exists in production today — and systematically reducing it is work that can begin immediately and produces measurable reduction in exposure with every step. It does not require a completed programme to deliver value. Each reduction is a closed window before the wave arrives.

The architectural decision is still in front of most organisations.

The majority of enterprises have not yet made an irreversible infrastructure commitment that locks them into a posture they cannot change. Cloud contracts renew. Migrations can be scoped differently than they were scoped last year. The decision about where sensitive workloads live and who controls the infrastructure underneath them is still open for most organisations.

That decision has a different weight today than it had two years ago — not because the philosophy of sovereign infrastructure changed, but because the threat model underneath it changed. Running sensitive workloads on infrastructure you do not own, in a jurisdiction whose legal architecture can compel disclosure, operated by a provider whose own attack surface just produced 2,000 critical vulnerabilities in a single month of Glasswing testing — that is a different risk calculation than it was before April 2026.

The decision is still catchable. The window for making it without crisis pressure is closing. Organisations that make it now do so with planning time, migration runway, and the ability to architect correctly rather than under duress. Organisations that make it after a significant incident do so reactively, expensively, and with whatever posture the crisis allows.


The Clock Reset Is Not Complicated

It has three steps. None of them require a completed programme. All of them can begin this week.

Step one: Find what Mythos would find.

Point Fable 5 at your own infrastructure with an honest red team brief. Not a compliance checklist. Not a penetration test scoped to stay within comfortable boundaries. A genuine nation-state level threat model applied to your actual production environment. Find the 27-year-old authentication library. Find the unpatched dependency three levels deep in your supply chain. Find the network path from your internet-facing service to your most sensitive data.

The finding is uncomfortable. The alternative is someone else finding it first, on their timeline, for their purposes.

Step two: Establish what you actually control.

Not what the architecture diagram says you control. What you actually, physically, legally, and technically control. Which hardware is yours. Which networks are yours. Which software stacks are audited end to end. Which dependencies have known provenance. Which data is in a jurisdiction whose legal architecture you understand.

Most organisations that do this exercise honestly discover the gap between the diagram and the reality is larger than they assumed. That discovery is valuable precisely because it can be acted on. An unknown gap cannot be closed. A known one can.
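To make "establish what you actually control" and the earlier attack-surface section concrete, here is a small inventory check added to this article; it is not Sugau's tooling and not code from the original piece. It reads the shape of `ss -ltnp` output from a Linux host and a dependency inventory, both constructed below as sample data, and flags the three things named above: listeners reachable from outside that are not on an intended-exposure allowlist, dependencies with no recorded source or pinned digest, and libraries not reviewed within a year. The allowlist, dependency names, digests, URLs and review dates are all hypothetical placeholders.

```python
"""Inventory the real attack surface, not the one in the architecture diagram:
non-loopback listeners vs. an intended-exposure allowlist, and dependencies
whose provenance or review status is unknown.
Everything below is constructed sample data, not output from any real host."""
from __future__ import annotations

import re
from dataclasses import dataclass
from datetime import date
from typing import List, Optional

# Constructed sample: the shape of `ss -ltnp` output on a Linux host.
SS_OUTPUT = """\
State  Recv-Q Send-Q Local Address:Port  Peer Address:Port Process
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*         users:(("sshd",pid=812,fd=3))
LISTEN 0      511    0.0.0.0:443         0.0.0.0:*         users:(("nginx",pid=1201,fd=6))
LISTEN 0      128    127.0.0.1:5432      0.0.0.0:*         users:(("postgres",pid=940,fd=5))
LISTEN 0      128    0.0.0.0:9200        0.0.0.0:*         users:(("java",pid=1333,fd=220))
LISTEN 0      4096   [::]:6379           [::]:*            users:(("redis-server",pid=1010,fd=7))
"""

# Hypothetical policy: the only ports that are *meant* to be reachable from outside.
INTENDED_EXTERNAL_PORTS = {22, 443}

# Fixed "today" so the review-age check is deterministic (constructed).
TODAY = date(2026, 6, 1)


@dataclass(frozen=True)
class Listener:
    address: str
    port: int
    process: str


def is_loopback(address: str) -> bool:
    """Loopback-bound sockets are not part of the external attack surface."""
    return address.startswith("127.") or address == "[::1]"


def parse_ss(output: str) -> List[Listener]:
    """Turn `ss -ltnp` lines into Listener records, skipping the header line."""
    listeners = []
    for line in output.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 4 or fields[0] != "LISTEN":
            continue
        address, _, port = fields[3].rpartition(":")  # handles "[::]:6379" too
        match = re.search(r'\(\("([^"]+)"', line)      # process name inside users:((...))
        listeners.append(Listener(address, int(port), match.group(1) if match else "?"))
    return listeners


def unnecessary_exposure(listeners: List[Listener], intended=INTENDED_EXTERNAL_PORTS):
    """Listeners reachable from off-host whose port is not on the allowlist."""
    return [ln for ln in listeners
            if not is_loopback(ln.address) and ln.port not in intended]


@dataclass(frozen=True)
class Dependency:
    name: str
    version: str
    source: Optional[str]         # where the artifact was obtained from
    sha256: Optional[str]         # pinned digest, if one is recorded
    last_reviewed: Optional[date]  # last time someone actually examined it


# Constructed sample inventory; names, versions, URLs and digests are placeholders.
DEPENDENCIES = [
    Dependency("authlib-legacy", "1.0.2", "https://example.invalid/authlib", None, None),
    Dependency("webfw", "4.2.0", "https://example.invalid/webfw", "a3f1" + "0" * 60, date(2026, 3, 14)),
    Dependency("jsonparse", "0.9.7", None, "b7c2" + "0" * 60, date(2024, 1, 9)),
    Dependency("tlsglue", "2.1.0", "https://example.invalid/tlsglue", "c9d3" + "0" * 60, date(2026, 5, 30)),
]


def unknown_provenance(deps: List[Dependency]) -> List[Dependency]:
    """Dependencies with no recorded source or no pinned digest."""
    return [d for d in deps if d.source is None or d.sha256 is None]


def stale_review(deps: List[Dependency], today: date, max_age_days: int = 365):
    """Dependencies never reviewed, or reviewed more than max_age_days ago."""
    return [d for d in deps
            if d.last_reviewed is None or (today - d.last_reviewed).days > max_age_days]


if __name__ == "__main__":
    for ln in unnecessary_exposure(parse_ss(SS_OUTPUT)):
        print(f"EXPOSED   {ln.process:<13} {ln.address}:{ln.port} not on allowlist")
    for d in unknown_provenance(DEPENDENCIES):
        print(f"PROVENANCE {d.name} {d.version}: missing source or digest")
    for d in stale_review(DEPENDENCIES, TODAY):
        print(f"UNREVIEWED {d.name} {d.version}: last reviewed {d.last_reviewed}")
```

Run against the constructed data, the exposure check flags the search and cache listeners on 9200 and 6379 while leaving the loopback-only database alone, and the provenance and review checks both single out the unsourced parser and the never-reviewed authentication library. Feeding it real `ss` output and a real lockfile is the point: the gap between diagram and reality only becomes closable once it is a list.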

Step three: Make the architectural decision with the current threat model, not the 2022 one.

Where do your sensitive workloads live. Who controls the infrastructure underneath them. What is your legal exposure if that infrastructure is compelled to disclose. What is your operational exposure if that infrastructure is the subject of a Glasswing-equivalent finding by an adversary who does not coordinate disclosure.

Those questions have different answers today than they had two years ago. The organisations making infrastructure decisions with 2022 threat models are still reading the old timetable.


What “High Ground” Actually Looks Like Operationally

The wave article used the tsunami metaphor. High ground is the prescription. But high ground is not an abstraction — it has a specific operational definition.

It is not a compliance certification. ISO 27001 was not designed for a threat environment where zero-day discovery costs nothing and takes hours. A certified organisation with an unpatched 27-year-old vulnerability in its authentication stack is a certified organisation with an unpatched 27-year-old vulnerability in its authentication stack.

It is not a vendor promise. No cloud provider’s security architecture was designed around Mythos-class autonomous vulnerability discovery at scale. The shared responsibility model assumes the infrastructure layer is hardened. That assumption is being actively stress-tested right now against vulnerabilities nobody knew existed two months ago.

It is not a policy document. Policies describe intent. The adversary operates against reality.

High ground operationally means three things.

Infrastructure you own and control, where the attack surface is visible to you and manageable by you, and where the legal and technical authority to respond to a finding rests entirely with you rather than with a provider operating under a different jurisdiction’s law.

A software stack that is audited end to end — not assumed to be secure because it is widely used, but actually examined against the current threat model with current tools at current capability levels.

A response architecture that operates at machine speed, not procurement speed. Because the adversary’s discovery velocity is now measured in hours, and a response architecture that requires a committee to approve a patch has already lost the race before the committee convenes.


The Verdict

The train schedule was accurate. The watches were wrong.

The information required to understand this threat has been public and available at every step. The Farewell Dossier in 1981. The ASML AIVD report. DeepSeek R1 landing inside the assumed gap. Glasswing finding 10,000 critical vulnerabilities in software everyone thought was hardened. Every data point was posted on the departure board in plain language.

The organisations that missed the train did not miss it because they lacked information. They missed it because the coffee was warm and the procurement cycle felt more real than the timetable.

There are trains still running. The patch window. The attack surface reduction. The architectural decision made with the current threat model rather than the comfortable 2022 version. Those departures are still catchable for organisations willing to read the actual board rather than the one printed two years ago.

But the platform is not empty. Other passengers are reading the same board now. The organisations that move in the next quarter do so with planning time and architectural options. The ones that wait for the official intelligence assessment confirming the threat have already narrowed their options to whatever posture the crisis allows.

Reset the clock. Read the current board. The next train is still here.

Whether you’re on it is a decision made today, not in Q3.


Cătălin Lichi is the founder of Sugau — bare-metal Kubernetes, sovereign infrastructure, and private AI for organisations that have decided to read the current timetable. sugau.com.au