Dutch Authority for the Financial Markets warns advanced AI is shortening time to exploit vulnerabilities and urges stronger baseline security

The Dutch Authority for the Financial Markets has published a warning that advanced artificial intelligence models are making cyberattack chains faster and more sophisticated, reducing the time firms have to identify, prioritise and fix vulnerabilities before they are exploited. It is urging firms to strengthen baseline security, patch management, monitoring and incident response, with particular attention to firms that have less mature security arrangements or older systems. The update says advanced models are improving at identifying vulnerabilities, combining attack steps and carrying out complex cyber tasks in controlled environments, citing evaluations of Claude Mythos Preview and similar development in other frontier models including GPT-5.5. As a result, firms need faster security updates, better monitoring and a well organised incident response approach. Timely detection, limiting impact by segmenting systems and regularly testing internet-facing systems are becoming more important. The authority highlights medium-sized and smaller firms as relatively more exposed and says they should at least be able to detect anomalies, log administrative actions and set alerts for the highest-risk events. It also notes that firms can assess how AI may be used defensively to identify, prioritise and remediate vulnerabilities more quickly.