Anthropic Mythos and Salesforce Security: A Guide to the Attack Surfaces You Have Not Audited Yet

Anthropic released Claude Mythos on April 7, 2026, and the mean time to weaponize a vulnerability collapsed from 2.3 years to 20 hours. Most Salesforce orgs have not updated their security controls to match. Beech Horn, Technology Engagement Manager and Architect at Banham Group and author at Salesforce Ben, joins Matt Meyers, Salesforce CTA and CoFounder and CEO of EzProtect, to translate what the Mythos-ready framework from CSA, SANS, OWASP, and [un]prompted means for Salesforce security teams right now. Three principles from this session: agent harnesses cannot distinguish instructions from data, so design around that assumption. React on Salesforce Core inherits the entire npm supply chain attack surface. NIST stopped enriching most new CVEs, so your vulnerability management workflow needs a new baseline. If your security controls were built for a world where exploits took months, this guide is for you. In this session: Anthropic Mythos, Salesforce security, Agentforce, ForcedLeak, React Multi-Framework, Vercel breach, NIST NVD, CSP whitelist audit, AI vulnerability framework, Agentforce Vibes, offensive AI, honeypots, canary records, prompt injection, supply chain security #salesforceadmin #salesforce #salesforcedevelopers #salesforceapex ➡️ Are you actively choosing to put your Salesforce data at risk? Download our guide to secure your org https://ezprotect.io/platform/ Timecodes 0:00 Introduction and what is Salesforce Security Office Hours 2:35 Speaker introductions 5:17 Recap of last session on Lightning Web Component security 6:09 Salesforce MFA enforcement update for June 2026 11:54 The breach wall and why this list keeps growing 13:28 What is Anthropic Mythos and why it matters for Salesforce 16:33 The Mythos-ready framework from CSA, SANS, OWASP, and [un]prompted 23:33 Time to exploit collapsed from 2.3 years to 20 hours 26:08 ForcedLeak: the Agentforce attack that already happened 28:14 React on Salesforce Core and the new supply chain attack surface 36:32 React CVEs and what they mean for Multi-Framework 37:37 Vercel breach and agentic supply chain compromise 39:28 NIST stops enriching most new CVEs 41:34 Offensive AI is already shipping: Gemma 4 and Shannon 43:21 Will AI replace human pen testers 49:28 Agentforce Vibes model versions and the production code question 51:24 Priority actions for this week, 45 days, and 90 days 56:39 Audience Q&A opens 58:08 Honeypots and canary records in Agentforce 1:02:17 A2A, MCP security, and agent-to-agent traversal risks 1:05:22 Wrap up and upcoming sessions 🔔 Subscribe to EzProtect - For Salesforce Best Practices here    / @mattmeyers-cta   📚Learn More About Virus Scanning in Salesforce ➡️ https://www.ezprotect.io 📚Learn Common Virus Scanning Myths in Salesforce https://ezp.fyi/3NeZY48 📆 Book a time to talk with us https://ezprotect.io/schedule ----------------SOCIAL--------------- ✅ Twitter:   / ezprotect   ✅ Instagram:   / ezprotect.co   ✅ LinkedIN:   / matt-meyers-cta