Anthropic told the world its newest AI model could find thousands of previously unknown security vulnerabilities across the internet's most critical software. Wall Street's response was immediate and brutal: sell everything.

The iShares Expanded Tech-Software Sector ETF dropped 3.7% on Thursday in a single-day rout that hit every major software name. Palantir, Microsoft, Oracle, Salesforce, Palo Alto Networks. All red. All falling on the same fear: if Claude Mythos Preview can punch holes in enterprise software at industrial scale, the entire value proposition of the legacy software industry just got called into question.

This is not a hypothetical. Anthropic launched Project Glasswing this week, a consortium of 50+ companies including Apple, Google, Microsoft, Nvidia, Amazon, JPMorgan, and the Linux Foundation. They all got early access to Mythos Preview. The purpose: let them scan their own systems before the model gets loose in the wild. The model has already found thousands of zero-day vulnerabilities, including decades-old bugs in some of the most scrutinized code on the planet.

Here is the part that rattled investors: Anthropic's frontier red team lead Logan Graham told WIRED that the model achieves things a senior security researcher could accomplish. But it does them at machine speed, at machine scale, without coffee breaks. That sentence alone should keep every CISO in America awake tonight.

The market math is straightforward. Enterprise software companies sell security, reliability, and trust. If a single AI model can systematically expose the weaknesses in their products faster than they can patch them, the value of those products drops. And if this model exists at Anthropic today, equivalent capabilities will exist at OpenAI, Google, and open-source labs within 6 to 24 months. That is not my timeline. That is Anthropic's.

The selloff hit cybersecurity stocks especially hard, which tells you something about how confused the market is. CrowdStrike and Palo Alto Networks dropped despite being Glasswing partners. Investors could not decide whether these companies are the ones who benefit from AI security tools or the ones who get replaced by them. The honest answer: probably both, at different timescales.

Anthropic CEO Dario Amodei said the quiet part out loud in the Glasswing launch video: "We haven't trained it specifically to be good at cyber. We trained it to be good at code, but as a side effect of being good at code, it's also good at cyber." Read that again. The cybersecurity capability is a side effect. Imagine what happens when someone trains a model specifically for offensive security.

The broader implication: we are entering an era where software security assumptions that have held for decades are about to break. The cat-and-mouse game between attackers and defenders is about to get played at a speed neither side has experienced. Companies that move fast will survive. Companies still running legacy code with known architecture patterns will get eaten alive.

Wall Street priced in some of that reality on Thursday. It has not finished pricing it in.