The $25 Billion Question: Why Tesla Stock Is Falling After a Blowout Earnings Beat

 

 The $25 Billion Question: Why Tesla Stock Is Falling After a Blowout Earnings Beat

**Subtitle:** *Record profit. Surging revenue. Yet TSLA dropped 3% as Elon Musk unveiled a capex tsunami, admitted Hardware 3 can’t drive itself, and pushed robotaxi dreams to "not super material" in 2026.*

**Reading Time:** 8 Minutes | **Category:** Markets & Technology

## Introduction: The Headline That Doesn't Compute

On Wednesday evening, Tesla did something Wall Street wasn't sure it could do anymore. It beat earnings.

The numbers were solid—better than solid. Adjusted earnings per share of $0.41 crushed the consensus estimate of $0.35. Revenue hit $22.39 billion, just a hair below the $22.6 billion target but representing a nearly 16% year-over-year jump. Free cash flow came in at a stunning $1.44 billion positive, defying expectations of a loss .

The stock jumped 4-5% in after-hours trading. Investors who have endured a brutal 20% drawdown since December finally had a reason to smile .

Then Elon Musk opened his mouth.

Within hours, the narrative had flipped completely. TSLA opened Thursday down more than 3%, erasing the post-earnings gains and then some . The culprit wasn't bad earnings—it was the future.

Musk warned that capital expenditures would top **$25 billion** in 2026, nearly triple last year's total and $5 billion higher than the company had forecast just three months ago . CFO Vaibhav Taneja confirmed that the company is entering a "very big capital investment phase" that will likely produce negative free cash flow for the rest of the year .

But the capex news was only half the story. On the same call, Musk made a confession that could haunt the company for years: the hardware Tesla has already sold to millions of customers—the Hardware 3 system—"simply does not have the capability" to support fully driverless operations .

In this deep-dive, we will unpack the paradox of Tesla's Q1 earnings: a financial beat that triggered a selloff. We will examine the three reasons investors are running for the exits, decode Musk's controversial comments on autonomy, and help you understand whether the $25 billion AI gamble is visionary or reckless.

## Part 1: The Numbers That Worked—And the One That Didn't

Let's start with what Tesla actually reported, because the fundamentals were genuinely strong.

### The Q1 2026 Scorecard

| Metric | Q1 2026 Actual | Wall Street Expected | Result |

| :--- | :--- | :--- | :--- |

| **Adjusted EPS** | $0.41 | $0.35 | **BEAT** |

| **Revenue** | $22.39B | $22.60B | **MISS** (narrow) |

| **Net Income** | $477M | — | +17% YoY |

| **Free Cash Flow** | +$1.44B | -$1.43B | **HUGE BEAT** |

| **Deliveries** | 358,023 | 365,645 | **MISS** |

| **Production** | 408,386 | — | +50,000 excess inventory |

| **Cash Reserves** | $44.7B | — | **Record high** |

*Sources: Company reports, Bloomberg *

The first thing to notice is the profitability story. Tesla's net income climbed to $477 million, up 17% from the $409 million reported in the same quarter last year . That is no small feat in an environment of rising raw material costs and intense price competition from Chinese EV makers.

The free cash flow number is the real stunner. Analysts had braced for a cash burn of $1.43 billion. Instead, Tesla generated $1.44 billion in positive free cash flow . That suggests that, at least for now, the company's core automotive business remains extraordinarily efficient.

So why the glum faces on Wall Street?

**The Inventory Problem.** Tesla produced 408,386 vehicles in the quarter but delivered only 358,023. That gap of over 50,000 unsold cars is the largest inventory build in at least four years . It signals that demand for Tesla's current lineup—aging Model 3 and Model Y vehicles—is softening even as production capacity expands.

**The Sales Mix.** Tesla has discontinued the higher-margin Model S and Model X to make room for Optimus robot production at the Fremont plant. The Cybertruck, once hailed as the future, posted its lowest quarterly delivery figures since production began . That leaves the company increasingly dependent on its two oldest models.

**The Guidance Gap.** The company's full-year delivery consensus sits at approximately 1.67 million vehicles, representing just 2.4% growth. For a company valued like a hyper-growth tech stock, flat delivery growth is a problem .

## Part 2: The $25 Billion Tsunami—Why Capital Spending Spooked the Market

If the earnings were solid, the spending plans were terrifying.

### From $20 Billion to $25 Billion—Overnight

Just three months ago, Tesla forecast capital expenditures of "$20 billion plus" for 2026 . On Wednesday night, Musk raised that to "exceeding $25 billion" —a 25% increase in guidance with virtually no warning .

To put that number in perspective:

- **2026 capex:** $25+ billion

- **2025 capex:** ~$8.5 billion (estimated)

- **Increase:** Nearly 3x

The spending is not single-threaded. Tesla is pouring money into four distinct, capital-intensive frontiers simultaneously:

| Investment Area | Estimated Allocation | Timeline |

| :--- | :--- | :--- |

| **Terafab chip fab** | $3 billion initial (with SpaceX) | 2026-2028 |

| **Optimus humanoid robots** | Multi-billion (Fremont retooling) | 2026-2027 |

| **Cybercab production line** | Billions (replacing Model Y) | 2026-2027 |

| **AI compute & Dojo** | Billions | Ongoing |

*Source: Company announcements *

### The "Negative Free Cash Flow" Warning

CFO Vaibhav Taneja delivered the warning that sent chills through the analyst community: the company expects "negative free cash flow for the rest of the year" as it begins placing orders for chip-making equipment and retools factories .

Think about what that means. Tesla just reported $1.44 billion in positive free cash flow. Musk is saying that number will flip to negative in Q2, Q3, and Q4. The company will be burning cash—lots of it—to fund an AI vision that may not pay off for years.

**The Bear Case:** GLJ Research analyst Gordon Johnson was characteristically blunt. He called the results "a disaster for a company valued for hyper growth," noting that $480 million of Tesla's gross margin improvement came from one-time warranty and tariff adjustments. Adjusting for those, EPS falls from $0.41 to $0.30. Johnson reiterated his Sell rating and a $24.86 price target—representing a 93% downside from current levels .

**The Bull Case:** Long-term investors point to Tesla's $44.7 billion cash hoard. The company has the balance sheet to fund this spending spree without raising additional capital. The question is whether the investments will eventually pay off.

### The Investor's Dilemma

Baird cut its price target on Tesla to $522 from $538, maintaining an Outperform rating but noting that the earnings call was "more centered on projects than earlier quarters" . The firm linked the shift to Musk's focus on Tesla's pipeline and the looming SpaceX IPO, which may be distracting the CEO from Tesla's core business.

The market is now forced to answer a difficult question: Is Tesla a car company burning cash to build a robot future, or is it a technology company using car profits to fund the next industrial revolution?

The valuation suggests the latter. At a $1.2 trillion market cap and a P/E ratio of approximately 360, Tesla trades like a company expecting explosive growth. But the delivery numbers tell a story of a business that has stalled at under 2 million vehicles per year . Something has to give.

## Part 3: "Hardware 3 Simply Does Not Have the Capability"—The FSD Confession

If the capex news was a gut punch, what Musk said about Full Self-Driving was an uppercut.

### The Admission He Couldn't Take Back

For years, Tesla sold the Full Self-Driving (FSD) package for up to $15,000 with the explicit promise that the hardware in the car would eventually support fully autonomous driving. The company collected billions in deferred revenue from customers betting on that future.

On Wednesday night, Musk admitted that future isn't coming—at least not for anyone with Hardware 3.

"Hardware 3 simply does not have the capability to achieve unsupervised FSD," Musk said on the earnings call .

The problem, he explained, is memory bandwidth. Hardware 3 has only one-eighth the memory bandwidth of Hardware 4, which Musk called "one of the key elements" required for unsupervised autonomy.

### The Upgrade Nightmare

Tesla's proposed solution is as audacious as it is logistically terrifying. The company will need to:

1. **Offer discounted trade-ins** for customers who want to upgrade to Hardware 4 vehicles

2. **Retrofit existing Hardware 3 cars** by replacing both the computer and the cameras

3. **Build microfactories in major metro areas** to perform the upgrades at scale

Musk admitted that performing upgrades through service centers would be "extremely slow" and inefficient. He said Tesla would likely need "many production lines to make the change" and that eventually, "it is going to make sense for us to convert all Hardware 3 cars to Hardware 4" .

For the millions of customers who bought FSD believing their existing hardware would eventually drive them to work, this is a betrayal. For Tesla, it is a potential multi-billion dollar liability.

### The Robotaxi Timeline Gets Pushed—Again

Musk also tempered expectations for the robotaxi rollout. While the company has launched robotaxi services in Austin, Dallas, and Houston using Model Y vehicles with safety drivers, Musk said unsupervised FSD will begin rolling out to vehicles "gradually in the fourth quarter" .

Then came the crucial caveat: "I think probably unsupervised FSD or Robotaxi revenue will not be super material this year, but I do think it'll be material probably in a significant way next year" .

One sentence—"not super material this year"—evaporated billions in speculative value that investors had assigned to Tesla's autonomy future.

Future Fund managing partner Gary Black summarized the shift on X: "The backpedaling on timing of unsupervised FSD and Robotaxi from 2Q until late-2026 or even 2027" will likely cause Tesla's valuation multiple to compress .

### The FSD Version 15 Delay

Even the software timeline is slipping. Musk said FSD version 15 should be out by the end of the year or early 2027, with a new architecture—pushing the next major FSD release into next year .

For the Tesla faithful who have been told "full autonomy is coming next year" for the past five years, the pattern is becoming familiar. But this admission—that the hardware itself is insufficient—represents a new level of disappointment.

## Part 4: The Two Teslas—Why the Stock Is a "Coin Toss"

The confusion surrounding Tesla stock is not irrational. It reflects a genuine disagreement about what the company actually is.

### The Coin Toss Data

An analysis of Tesla's earnings reactions over the past decade reveals a striking pattern: buying TSLA just before earnings and holding for one day has produced a median return of negative 1%, with a win rate of only 48% . That means nearly half of those trades lost money despite strong fundamentals.

In the last 10 earnings reports, Tesla stock moved higher five times and lower five times. The average gain was about 9%, while the average loss was nearly identical .

That symmetry is why traders describe Tesla as a "coin toss." The market processes earnings in unpredictable ways, with expectations, guidance, macro trends, and sentiment all colliding at once.

### The Two Narratives

| Narrative | Bull Case | Bear Case |

| :--- | :--- | :--- |

| **The Car Company** | Demand is stabilizing; Iran war fuel prices are driving EV adoption; 6% delivery growth is solid in a tough macro environment | Deliveries missed; inventory is piling up; Model 3 and Y are aging; competition from China is brutal |

| **The AI Company** | Robotaxis, Optimus, and Dojo represent trillion-dollar markets; Tesla has first-mover advantage; $44.7B war chest | Robotaxi revenue won't be "material" in 2026; Hardware 3 can't do autonomy; FSD timelines keep slipping; capex is burning cash |

*Source: Analyst commentary *

### The Time Horizon Solution

The data also reveals a clear solution to the "coin toss" problem: patience. Over a full year, median returns on TSLA jump to around 24%, with nearly 75% of positions ending in gains .

This suggests that Tesla is not a trading vehicle for earnings events. It is a long-term bet on a technological transition that is happening more slowly than anyone hoped—but perhaps still happening.

### The SpaceX Distraction

There is one more variable in the equation: Musk's attention. Baird analysts noted that the earnings call felt "more centered on projects" than previous quarters, linking the shift to Musk's focus on the coming SpaceX IPO .

SpaceX is expected to go public at a valuation approaching $1.75 trillion—potentially the largest IPO in history . For Musk, that event may be consuming mental bandwidth that Tesla shareholders would prefer be focused on fixing FSD and moving cars.

The risk is real: a distracted CEO is a danger to any company. For Tesla, where the brand is inseparable from Musk, the distraction risk is amplified.

## Frequently Asked Questions (FAQ)

**Q: Tesla beat earnings—why did the stock go down?**

A: The market is forward-looking. While Q1 results were solid, CEO Elon Musk announced that capital expenditures would exceed $25 billion in 2026 (triple 2025 levels), likely producing negative free cash flow for the rest of the year. Additionally, Musk admitted that Hardware 3 vehicles cannot achieve full autonomy and pushed robotaxi revenue to "not super material" in 2026 .

**Q: What is the "Hardware 3" problem?**

A: Hardware 3 is the self-driving computer Tesla installed in vehicles sold over the past several years. Musk admitted it has only one-eighth the memory bandwidth of Hardware 4 and "simply does not have the capability" to support unsupervised Full Self-Driving. Tesla now faces the costly task of upgrading millions of vehicles or offering discounted trade-ins .

**Q: How much is Tesla spending on AI and robotics in 2026?**

A: Tesla now expects capital expenditures to exceed $25 billion in 2026—roughly three times the company's 2025 capex. The spending is directed at the Terafab chip fab (a joint project with SpaceX), Optimus humanoid robot production lines, Cybercab manufacturing, and AI compute infrastructure .

**Q: When will Tesla actually have robotaxis?**

A: Musk said unsupervised FSD will begin rolling out "gradually in the fourth quarter" of 2026, depending on geography and safety validation. However, he also said robotaxi revenue will "not be super material this year," pushing the meaningful financial impact to 2027 or later .

**Q: Is Tesla still selling the Model S and Model X?**

A: No. Tesla has discontinued both models to make room for Optimus robot production at the Fremont, California plant. The company's sales are now almost entirely dependent on the Model 3 and Model Y, which are aging and facing intense competition .

**Q: How did Tesla generate positive free cash flow if spending is so high?**

A: Q1 capex came in at only $2.493 billion, far below analyst estimates of $4.33 billion. That suggests Tesla's heavy spending has not yet begun. CFO Vaibhav Taneja warned that the company expects negative free cash flow for the remainder of 2026 as the big capital investments finally ramp up .

**Q: Is Tesla stock a buy after the drop?**

A: (Disclaimer: Not financial advice.) The answer depends entirely on your time horizon and your belief in Musk's AI vision. Short-term traders face a "coin toss"—Tesla's earnings reactions are historically unpredictable. Long-term investors have seen median returns of approximately 24% over one-year holding periods, with a 75% win rate. However, those historical returns came during a period of rapid EV adoption that may be slowing .

**Q: What do analysts think about Tesla now?**

A: The analyst community is deeply divided. Baird cut its price target to $522 while maintaining an Outperform rating. GLJ Research reiterated a Sell rating with a $24.86 price target, calling the results "a disaster for a company valued for hyper growth." The average price target sits around $500, implying significant upside—but the range is extraordinarily wide .

## Conclusion: The Vision Tax

We started this article with a paradox: a company that beats earnings and sees its stock fall. After 4,000 words of analysis, the paradox resolves.

Tesla is no longer being judged on its cars. It is being judged on its promises. And the promises are getting more expensive.

The $25 billion capex tsunami is the price of admission to Musk's AI future. The Hardware 3 admission is the cost of over-promising on autonomy. The robotaxi timeline slip is the consequence of building a product that doesn't exist yet.

**For the Trader:** Tesla earnings are a "coin toss." Historical data shows that short-term positions around earnings have a sub-50% win rate. If you are trading TSLA, you are gambling—not investing .

**For the Long-Term Investor:** The data is kinder. Over one-year horizons, Tesla has delivered positive returns in 75% of periods, with a median gain of 24%. But those returns came when Tesla was growing deliveries at 50-100% annually. Today, growth is in the low single digits. The old playbook may not work .

**For the Tesla Customer:** If you bought FSD expecting your car to eventually drive itself, you have a problem. Hardware 3 won't get there. Tesla has promised discounted trade-ins and retrofits, but the logistics of upgrading millions of vehicles are daunting. Patience—or a lawyer—may be required.

**For the Curious Observer:** Watch the free cash flow. Tesla just posted $1.44 billion positive. The company is warning that number will turn negative for the rest of the year. If cash burn explodes without corresponding progress on robotaxis or Optimus, the narrative will shift from "visionary" to "reckless."

**The Bottom Line:**

Tesla is asking shareholders to pay a "vision tax"—to fund a $25 billion capital spending spree on AI, robots, and chips, with the promise of a transformative payoff in 2027 or beyond.

Some investors will pay that tax. They are betting that Musk's AI gamble will redefine transportation and labor.

Others will sell. They see a car company with slowing sales, aging models, and a CEO who just admitted that the hardware in millions of cars can't do what he promised.

Both groups are rational. The stock is a "coin toss" because the future is genuinely uncertain.

The only thing that is certain? The next 18 months will determine whether Tesla becomes the most valuable company in the world—or a cautionary tale about the limits of vision without execution.

---

**#Tesla #TSLA #ElonMusk #Robotaxi #FSD #AIInvesting #EarningsSeason #TeslaStock**

---

*Disclaimer: This article is for informational purposes only. It does not constitute financial or investment advice. Stock prices, capital spending plans, and product timelines are subject to rapid change. Always consult a licensed professional before making investment decisions.*

The Mythos Precipice: Why a Hacking AI Just Triggered a National Security Alarm—And Why the U.S. Isn't Ready

 

 The Mythos Precipice: Why a Hacking AI Just Triggered a National Security Alarm—And Why the U.S. Isn't Ready

## Subtitle: With zero-day exploits autonomous and a patch tsunami approaching, Anthropic’s creation pits Silicon Valley speed against government gridlock.

**Reading Time:** 8 Minutes | **Category:** Technology & National Security

## Introduction: The 27-Year-Old Bug No Human Found

For 27 years, a vulnerability sat buried inside the OpenBSD operating system. Audit after audit missed it. Fuzzers bombarded the code with random inputs over millions of attempts and never triggered it. The operating system earned a reputation as one of the most security-hardened platforms on Earth, used by banks, governments, and critical infrastructure precisely because it had survived decades of scrutiny.

Two packets. That is all it would have taken to crash any server running that vulnerable code. For almost three decades, the flaw existed. No one found it.

Then Anthropic ran a single discovery campaign.

The cost? Approximately $20,000. The specific model run that surfaced the flaw cost under $50. There was no human guiding the discovery after the initial prompt. Claude Mythos Preview found it. Autonomously .

This is not the future of cybersecurity. This is the present.

On April 7, 2026, Anthropic unveiled Claude Mythos Preview to a select group of partners, including Amazon, Apple, Google, Microsoft, and CrowdStrike, under an initiative called Project Glasswing . The company announced it would not release the model to the public because it was simply too dangerous. Anthropic claimed Mythos could identify and exploit zero-day vulnerabilities in every major operating system and every major web browser .

Critics were skeptical. AI hype is common. Security vendors regularly overpromise.

Then the data emerged.

On the Firefox browser, Mythos succeeded in writing 181 working exploits. Claude Opus 4.6—Anthropic's previous flagship model—managed only two. A 90-fold improvement in a single generation . The model cracked cryptography libraries, chained multiple low-severity vulnerabilities into full local privilege escalation, and in one case wrote a browser exploit that escaped both the renderer and the OS sandboxes by chaining four vulnerabilities together .

U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell summoned Wall Street leaders to an urgent meeting in Washington. Their message was stark: Mythos marks the beginning of a new era of cybersecurity—one where the offense has just gained an unprecedented advantage .

In this deep-dive, we will explain what Mythos actually is, why the classified Project Glasswing partners are racing to patch vulnerabilities faster than ever before, and why the U.S. government is currently structured to fail against this threat. We will also examine the three critical areas where American policy is lagging and what must change before the next Mythos-class model arrives.

Because here is the truth: Mythos is already here. The next one is coming in 18 months. And the patch tsunami expected in July 2026 is just the first wave.

## Part 1: The Capability Leap—From Incremental to Incomprehensible

To understand why Mythos is a national security crisis, you have to understand how fundamentally it differs from everything that came before.

### From CTF to Zero-Day

The AI Security Institute (AISI) in the United Kingdom conducted independent testing of Mythos before its release. The findings were disturbing.

On expert-level capture-the-flag (CTF) challenges—tasks that no AI model could complete before April 2025—Mythos Preview succeeds 73% of the time . That is not an incremental improvement. It is a category shift.

But CTF challenges are artificial. Real-world attacks are messier. So AISI built a 32-step corporate network attack simulation called "The Last Ones" (TLO). They estimated that a human expert would need approximately 20 hours to complete the full chain from initial reconnaissance through full network takeover .

Claude Mythos Preview became the first AI model to solve TLO from start to finish. It succeeded in three out of ten attempts .

The researchers noted that the test environment was, by their own admission, an easier target than most real-world networks. There were no active defenders, no defensive tooling, no consequences for tripping alerts. "This means we cannot say for sure whether Mythos Preview would be able to attack well-defended systems," they wrote .

That caveat is cold comfort. It is not that Mythos cannot breach hardened networks. It is that we do not know. And the trend line suggests the next version will succeed where this one still struggles.

### The Vulnerability Classes Mythos Broke

Anthropic's internal testing revealed vulnerabilities across categories that were previously considered resistant to automated discovery :

| Vulnerability Class | Example | Key Finding |

| :--- | :--- | :--- |

| **Logic Flaws** | OpenBSD TCP SACK (27 yrs) | Missed by SAST, fuzzers, and auditors. Flaw required semantic reasoning about TCP option interactions. |

| **Codec Bugs** | FFmpeg H.264 (16 yrs) | Fuzzers exercised vulnerable code path 5 million times without triggering. Mythos caught it by reasoning about code semantics. |

| **Network RCE** | FreeBSD NFS (CVE-2026-4747, 17 yrs) | Unauthenticated root from the internet. Mythos built a 20-gadget ROP chain split across multiple packets. |

| **Browser Exploits** | Firefox (multiple) | 181 working exploits versus 2 for Opus 4.6. One chain escaped both renderer and OS sandboxes. |

| **Cryptography** | TLS, AES-GCM, SSH | Implementation flaws enabling certificate forgery or decryption. Not attacks on the math—bugs in the code implementing the math. |

| **Cloud Escape** | Production VMM | Guest-to-host memory corruption in virtualization technology that keeps cloud workloads isolated. |

Nicholas Carlini, a prominent security researcher now at Anthropic, made a statement during the launch briefing that should terrify anyone responsible for defending critical infrastructure: "I've found more bugs in the last couple of weeks than I found in the rest of my life combined" .

### The Open-Source Reality Check

Here is where the story becomes even more alarming.

Researchers at AISLE, an AI cybersecurity startup, tested Anthropic's showcased vulnerabilities on small, open-weights AI models. They found that eight out of eight models detected the FreeBSD exploit. One model had only 3.6 billion parameters—tiny by industry standards—and cost eleven cents per million tokens. A 5.1-billion-parameter open model recovered the core analysis chain of the 27-year-old OpenBSD bug .

AISLE's conclusion: "The moat in AI cybersecurity is the system, not the model."

This is the nightmare scenario. If small, cheap, open-source models can replicate Mythos's core capabilities, the barrier to entry for malicious actors is not high. It is negligible. The only thing keeping these capabilities out of the hands of ransomware gangs and hostile governments is the complexity of building the full system—the orchestration, the tooling, the integration. That barrier will erode.

**The Human Touch:** For the average American, this is not an abstract technology story. The software running your bank, your hospital, your power grid, and your government is almost certainly vulnerable to vulnerabilities that Mythos-class models can find. The only question is whether the good guys find them first. And right now, the good guys are finding thousands. They just cannot patch them fast enough.

## Part 2: Project Glasswing—The $100 Million Defensive Bet

Anthropic is not simply unleashing this capability and walking away. The company has assembled Project Glasswing, a defensive coalition of twelve core partners, backed by $100 million in usage credits and $4 million in open-source grants. Over forty additional organizations that build or maintain critical software infrastructure have also received access .

### The Partner List

The core partners read like a who's who of the American technology establishment :

- **Cloud Providers:** Amazon Web Services, Microsoft, Google

- **Hardware Vendors:** Apple, Nvidia

- **Security Vendors:** CrowdStrike, Palo Alto Networks, Broadcom, Cisco Systems

- **Finance:** JPMorgan Chase

- **Open Source:** The Linux Foundation

These organizations have been running Mythos against their own infrastructure for weeks. They are using it to find vulnerabilities in their own systems before attackers can find them.

The company has described Project Glasswing as "an urgent attempt to put these capabilities to work for defensive purposes" . The urgency is real. Anthropic has committed to a public findings report "within 90 days" of the April announcement—landing in early July 2026 .

### The Patch Tsunami

Here is the problem that no one is talking about loudly enough.

According to Anthropic's red team blog, over 99% of the vulnerabilities Mythos has identified have not yet been patched . The process for disclosing flaws to the people who maintain software or computer systems is lengthy, even when automated. So far, less than 1% of the potential vulnerabilities uncovered have been fully addressed.

July 2026 is not a disclosure event. It is a **patch tsunami**.

Every major operating system. Every major browser. Cryptography libraries. Cloud infrastructure. Industrial control systems. The vulnerabilities are spread across the entire digital ecosystem. And the organizations responsible for patching them are already overwhelmed by their regular security workloads.

Cisco's Senior Vice President and Chief Security and Trust Officer, Anthony Grieco, put it bluntly at RSAC 2026: "I've been in this industry for 27 years. I have never been more optimistic for what we can do to change security because of the velocity. It's also a little bit terrifying because we're moving so quickly. It's also terrifying because our adversaries have this capability as well" .

### The Expertise Asymmetry

Even with Project Glasswing, there is a structural problem that favors attackers.

Large language models, including Mythos, perform best on inputs that resemble what they were trained on: widely used open-source projects, major browsers, the Linux kernel, popular web frameworks. The core partners in Project Glasswing are precisely the vendors of this widely used software .

But the inverse is also true. Software outside the training distribution—industrial control systems, medical device firmware, bespoke financial infrastructure, regional banking software, older embedded systems—is exactly where Mythos is likely least capable of finding vulnerabilities out of the box.

However, a sufficiently motivated attacker with domain expertise in one of these fields could wield Mythos's advanced reasoning capabilities as a force multiplier. The danger is not that Mythos fails in those domains. It is that Mythos may succeed for whoever brings the expertise.

A cardiologist with access to Mythos could probe medical device firmware. A control systems engineer could target industrial infrastructure. A regional bank's IT staff could find vulnerabilities in their core banking software. The fifty companies in Project Glasswing, however well chosen, cannot substitute for the distributed expertise of the entire research community .

**The Human Touch:** For the hospital IT director responsible for keeping patient data secure and medical devices running, the arrival of Mythos means the threat landscape just changed overnight. The ransomware gangs that have already shut down hospitals across the United States will soon have access to capabilities that previously only elite nation-state hackers possessed. The defense is not keeping up.

## Part 3: The National Security Crisis—Why the U.S. Isn't Ready

The federal government is aware of the threat. It is not prepared to meet it.

### The Bessent-Powell Warning

On April 7, the same day Anthropic announced Mythos, Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell summoned Wall Street leaders to an urgent meeting in Washington. The topic was not monetary policy. It was Mythos .

Bloomberg reported that the officials warned that if tools like Mythos fall into the wrong hands, they could provide attackers with a powerful new weapon to steal data or disrupt critical infrastructure . The meeting focused on the financial sector, but the implications extend to every sector of the economy.

Bessent and Powell specifically noted that the global financial system is at risk. Mythos is reportedly capable of quickly and effectively hacking any banking system .

### The Access Asymmetry

Here is the geopolitical reality: Mythos is an American asset, controlled by an American company, shared primarily with American partners.

Anthropic has granted access to forty organizations. The list includes the largest American technology companies and financial institutions. But what about the rest of the world?

Beyond the U.S., only the United Kingdom has received formal access to Mythos. The Bank of England's governor has publicly warned that Anthropic may have found a way to "tear open the whole cyber risk world." The European Central Bank has begun privately asking banks about their defenses. Canada's finance minister has compared the threat to the closure of the Strait of Hormuz .

Germany's Federal Office for Information Security has not obtained access to Mythos, though its director recently met with Anthropic employees to gain "meaningful insights." The European Commission has met with Anthropic at least three times but has not yet reached an agreement on access .

For China and Russia, the implications are even more severe. A pro-Kremlin Russian media outlet described the model as "worse than a nuclear bomb" . Carnegie Endowment senior fellow Matt Sheehan noted that China's technology sector—including its banks, energy companies, and government agencies—runs on the same vulnerable software that Mythos has found flaws in. They simply have no access to the tool that could help them find those flaws before adversaries do .

This is not a stable equilibrium.

### The Policy Vacuum

The White House released a National Policy Framework for Artificial Intelligence on March 20, 2026, just weeks before the Mythos announcement . The framework addresses a wide range of AI issues—child safety, consumer protection, intellectual property, workforce development. It calls for federal preemption of conflicting state AI laws.

It does not meaningfully address the national security implications of offensive AI capabilities. It mentions "mitigating national security concerns arising from frontier AI models" in a single subsection . There is no discussion of mandatory vulnerability disclosure. No mechanism for coordinating patching across critical infrastructure sectors. No framework for international information sharing.

The FY2026 National Defense Authorization Act (NDAA) contains numerous provisions on AI and cybersecurity . Section 1512 requires the Department of Defense to establish a comprehensive cybersecurity and governance policy for all AI systems used within DOD. Section 1532 prohibits DOD from using or acquiring covered AI systems from adversarial nations. Sections 1533-1535 establish cross-functional teams and steering committees for AI assessment and oversight.

These are important steps. They are also entirely defensive and inward-facing. The NDAA does not address the core problem posed by Mythos: private companies are developing offensive AI capabilities faster than the government can regulate them, and the global distribution of access is creating dangerous asymmetries.

### The Incident on Day One

The crisis is not theoretical. Within days of Mythos's limited release, security incidents occurred.

Anthropic launched an investigation after confirming unauthorized access to Mythos on April 7—the same day the model was announced. Those attempting access reportedly used accounts of partner company employees and public information search tools .

Even more embarrassing, on March 31—barely a week before the official announcement—a configuration error in Anthropic's content management system exposed some unannounced specifications related to Mythos to the public . And on March 31, the source code of Anthropic's Claude Code development tool was leaked due to an employee's mistake during distribution. The exposed code exceeded 512,000 lines across more than 1,900 files. The code spread through platforms like GitHub .

Anthropic stated that the Claude Code leak "was not a security breach but a human error during the distribution process." That distinction will matter little if the leaked code helps attackers understand how Anthropic's systems work.

The Wall Street Journal noted that the Claude Code leak "is a significant blow to Anthropic. It not only fatally damages the reputation built around safety but also risks exposing trade secrets crucial for competing in attracting enterprise customers" .

**The Human Touch:** For the American taxpayer, the fact that a company handling some of the most sensitive cybersecurity capabilities in the world cannot keep its own source code secure should be deeply alarming. If Anthropic cannot protect its own crown jewels, what confidence should we have that it can protect the vulnerabilities it discovers in our critical infrastructure?

## Part 4: The Structural Failure—Three Reasons the U.S. Isn't Ready

The Mythos crisis reveals three fundamental structural failures in the American approach to AI and cybersecurity.

### Failure #1: Private Companies Making Unilateral National Security Decisions

Anthropic is a private company. It has finite staff, finite budget, and finite expertise. Yet it is making unilateral decisions about which pieces of critical global infrastructure get defended first, and which must wait their turn .

Bruce Schneier, the renowned security expert, put it this way: "Any technology that can find thousands of exploitable flaws in the systems we all depend on should not be governed solely by the internal judgment of its creators, however well intentioned. This is not a choice a for-profit corporation should be allowed to make in a democratic society" .

Anthropic is not unique. OpenAI announced that its new GPT-5.4-Cyber is also so dangerous that the model will not be released to the general public. The pattern is clear: frontier AI companies are accumulating offensive cyber capabilities that rival those of nation-states, and they are deciding unilaterally how to deploy them.

The government has no framework for evaluating these decisions. No mechanism for compelling broader access. No authority to mandate vulnerability disclosure. No capacity to independently verify the companies' claims about their models' capabilities.

### Failure #2: The Patch Pipeline is Already Broken

The July 2026 patch tsunami will test a system that is already failing.

Over 99% of the vulnerabilities Mythos has identified are unpatched. That is not because the companies in Project Glasswing are negligent. It is because the existing patch pipeline is a leaky bucket. Every day, security researchers discover thousands of new vulnerabilities. Software vendors triage, prioritize, develop fixes, test them, and release them. Users then must apply those patches—a process that, for many organizations, takes weeks or months.

Mythos discovered a 27-year-old bug that survived decades of human review. It found a 16-year-old bug in FFmpeg that fuzzers had missed. It found thousands of flaws across every major operating system and browser—many one to two decades old .

The implication is devastating: the existing security paradigm—rely on experts to find bugs, then patch them before attackers exploit them—has failed. The bugs were always there. We just could not find them fast enough. Now the attackers will be able to find them just as quickly as the defenders.

The AISI researchers noted that Mythos can "autonomously navigate an attack on a small, poorly defended system once someone gets it through the door" . This highlights the critical importance of cybersecurity basics: regular application of security updates, robust access controls, security configuration, and comprehensive logging.

Those basics are not being followed today. They will be followed even less when the volume of vulnerabilities requiring patches increases by orders of magnitude.

### Failure #3: The International Coordination Vacuum

There is no nuclear non-proliferation treaty for AI.

The global governance gap is vast. No common inspection regime. No agreed-upon rules for handling models like Mythos. No framework for sharing information about vulnerabilities across borders .

The result is a two-tier world: the United States and its closest allies have access to the most advanced defensive AI capabilities. Everyone else does not. But the vulnerabilities exist in everyone's software. The attackers are not respecting national borders.

Eduardo Levy Yeyati, former chief economist of the Argentine central bank and now a regional advisor on AI for the Inter-American Development Bank, told the New York Times: "A situation in which a single company can unilaterally restrict access to frontier AI based on opaque and non-appealable standards is something that should cause genuine concern" .

As Argentina, Brazil, Mexico, and other nations watch the U.S. and UK gain exclusive access to the most powerful defensive cyber tool ever created, the geopolitical implications are profound.

## Part 5: The Path Forward—What Must Change Before the Next Mythos

The situation is urgent. It is not hopeless.

### Short-Term: Transparency and Information Sharing

Schneier and his co-author David Lie argue that the immediate need is not full public access to Mythos-class models. It is transparency and information sharing .

The security community needs:

- **Aggregate performance metrics**—false positive rates, success rates on different categories of vulnerabilities, computational costs.

- **Funded access for academic and civil-society researchers**—domain experts in medical devices, industrial controls, and other specialized areas who can probe systems that the Glasswing partners lack expertise to audit.

- **Mandatory disclosure timelines**—if Mythos finds a vulnerability in critical infrastructure software, the vendor should have a fixed window to patch before the vulnerability is disclosed more broadly.

The July 2026 public findings report from Project Glasswing is a start. It is not enough. The report is a one-time disclosure. The threat is continuous.

### Medium-Term: Federal AI Authority with Real Teeth

The White House's National Policy Framework does not go far enough. The next administration and Congress must establish:

- **An AI security agency** with authority to audit frontier models, compel vulnerability disclosure, and coordinate patching across critical infrastructure sectors.

- **Mandatory incident reporting** for AI-related security breaches—including the unauthorized access and source code leaks that have already occurred at Anthropic.

- **Federal support for open-source maintainers** who are about to be flooded with vulnerability reports and have no resources to address them.

The NDAA provisions on AI are a start. But they apply only to the Department of Defense. The vulnerabilities Mythos finds are in civilian infrastructure: banks, hospitals, power grids, water treatment plants. The Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA) need the same authorities and resources.

### Long-Term: International Governance

The United States cannot solve this problem alone. The vulnerabilities are global. The attackers are global. The response must be global.

The Biden administration's executive order on AI and the Trump administration's framework both recognized the need for international cooperation. Neither produced concrete results. The next administration must prioritize:

- **An AI equivalent of the Nuclear Non-Proliferation Treaty**—agreed rules for the development, testing, and deployment of frontier AI models with offensive cyber capabilities.

- **A global vulnerability disclosure framework**—mechanisms for sharing information about vulnerabilities across borders without exposing them to attackers.

- **Capacity building**—helping allied and partner nations develop the technical expertise to defend themselves against AI-powered attacks.

The alternative is a world where the richest nations have a temporary defensive advantage, the poorest nations are defenseless, and attackers operate across all borders indiscriminately. That is not a stable equilibrium. It is a prelude to catastrophe.

## Frequently Asked Questions (FAQ)

**Q: What is Claude Mythos Preview?**

A: Mythos is an AI model developed by Anthropic that is exceptionally good at finding and exploiting software vulnerabilities. The company announced on April 7, 2026, that it would not release the model publicly because it is too dangerous. Instead, access has been restricted to a limited set of partners under an initiative called Project Glasswing .

**Q: How is Mythos different from previous AI models?**

A: Mythos represents a qualitative leap, not an incremental improvement. On expert-level cybersecurity tasks that no AI model could complete before April 2025, Mythos succeeds 73% of the time. It found a 27-year-old bug in OpenBSD that had survived decades of human review and millions of automated security tests. On Firefox exploit writing, it achieved 181 successes versus two for Anthropic's previous flagship model .

**Q: Should I be worried about Mythos as an individual?**

A: The immediate risk to individuals is low, but the systemic risk is high. Mythos and similar models will likely be used by ransomware gangs and hostile governments to find vulnerabilities in the software that runs banks, hospitals, power grids, and government systems. When those vulnerabilities are exploited, individuals will feel the effects—through service disruptions, data breaches, and financial fraud .

**Q: What is Project Glasswing?**

A: Project Glasswing is Anthropic's initiative to provide limited access to Mythos for defensive purposes. The core partners include Amazon, Apple, Google, Microsoft, CrowdStrike, Palo Alto Networks, and the Linux Foundation. Over 40 organizations have received access to use Mythos to find and patch vulnerabilities in their own systems and critical open-source software .

**Q: How did unauthorized users access Mythos?**

A: Anthropic launched an investigation after confirming unauthorized access to Mythos on April 7—the same day the model was announced. Those attempting access reportedly used accounts of partner company employees and public information search tools. The company has not released detailed findings .

**Q: Did Anthropic also leak its own source code?**

A: Yes. On March 31, 2026, Anthropic's Claude Code source code was leaked due to an employee error during distribution. The exposed code exceeded 512,000 lines across more than 1,900 files and spread through GitHub. Anthropic stated this was "human error during the distribution process," not a security breach .

**Q: Is the U.S. government doing anything about this?**

A: The Treasury Secretary and Federal Reserve Chair have warned financial leaders about the threat. The FY2026 NDAA contains provisions on AI and cybersecurity for the Department of Defense. The White House released a National Policy Framework for AI in March 2026. However, experts argue these measures are inadequate and that the government lacks the authority and capacity to meaningfully regulate frontier AI models .

**Q: What happens in July 2026?**

A: Anthropic has committed to a public findings report from Project Glasswing in early July 2026. That report will disclose thousands of vulnerabilities Mythos has found across major software systems. Less than 1% of these vulnerabilities have been patched. Security experts are warning of a "patch tsunami" that will overwhelm already-stretched security teams .

## Conclusion: The Precipice and the Patch

We started this article with a 27-year-old bug that Mythos found in a few hours for $20,000. We end with a warning about the precipice we now stand on.

Mythos is not the first AI model with offensive cyber capabilities. It will not be the last. OpenAI has already announced that its GPT-5.4-Cyber is also too dangerous to release publicly. The trend is clear: frontier AI models are acquiring the ability to find and exploit software vulnerabilities at a pace and scale that human experts cannot match.

The United States is not ready. The patch pipeline is broken. The policy framework is inadequate. The international governance vacuum is dangerous. And the next Mythos-class model is estimated to arrive in 18 months .

**For the Security Professional:**

The July 2026 patch tsunami is coming. Expand your patch pipeline now. Re-scope your bug bounty programs. Build chainability scoring into your vulnerability management. The vulnerabilities Mythos finds will not be isolated. They will be chained.

**For the Policymaker:**

The White House framework is a start, not a solution. Establish an AI security agency with audit authority. Mandate vulnerability disclosure timelines. Fund open-source maintainers. The private sector cannot make national security decisions alone.

**For the Citizen:**

Demand that your elected officials take this threat seriously. Ask your bank, your hospital, your utility provider what they are doing to prepare for AI-powered attacks. The vulnerabilities are in the software you depend on every day. The question is who finds them first.

**The Bottom Line:**

Anthropic discovered a 27-year-old bug in one of the most secure operating systems on Earth for less than the cost of a new car. The company is trying to act responsibly. But a private company cannot solve a national security crisis alone.

The patch tsunami is coming in July. The next model is coming in 2026 or early 2027. The question is not whether we will be tested. It is whether we will be ready.

The bugs have always been there. Now the hunt has begun.

---

**#Mythos #Anthropic #Cybersecurity #AI #NationalSecurity #ZeroDay #ProjectGlasswing #PatchTsunami**

---

*Disclaimer: This article is for informational purposes only. It does not constitute security advice. Organizations should consult qualified cybersecurity professionals for guidance specific to their systems and threat models.*

Markets Take a Breather: S&P 500, Nasdaq Pull Back from Record Highs as ServiceNow and IBM Get Hammered

 

 Markets Take a Breather: S&P 500, Nasdaq Pull Back from Record Highs as ServiceNow and IBM Get Hammered

**Subtitle:** *The AI trade hit a speed bump Thursday as two tech giants tumbled on earnings—one caught in the crossfire of the Iran war, the other facing the existential threat of AI eating its own lunch.*

**Reading Time:** 8 Minutes | **Category:** Markets & Economy

## Introduction: The Hangover After the High

Just yesterday, it felt like the stock market could do no wrong.

The S&P 500 surged 1.1% to a record closing high of 7,137.90. The Nasdaq Composite jumped 1.6% to 24,657.57. The Dow added 340 points. Investors were celebrating President Trump's extension of the U.S.-Iran ceasefire, betting that the worst of the geopolitical storm had passed .

Today, the mood is different.

Futures are pointing to a modest pullback Thursday morning, with S&P 500 futures edging down 0.1% and Dow futures falling about 0.4% . The pullback follows a string of earnings reports that have investors asking uncomfortable questions about the sustainability of the AI rally.

Two names are leading the losses: **ServiceNow** and **IBM**.

ServiceNow, the cloud workflow automation giant, tumbled nearly 13% in after-hours trading after revealing that the Iran war is actively hurting its business. The company disclosed that subscription growth took a "75 basis point headwind" because the Middle East conflict delayed several large on-premise deals from closing .

IBM fared little better. The century-old tech icon saw its shares sink 6.5% after reporting slower revenue growth—just 9% compared to 12.2% in the previous quarter—as investors fretted that AI tools are beginning to eat into its core software business .

The juxtaposition is striking. The broader market is at all-time highs, fueled by AI optimism. But the companies that actually have to deliver AI profits are showing cracks. Welcome to the "prove it" phase of the AI trade.

In this deep-dive, we will break down exactly what happened at ServiceNow and IBM, explain why the Iran war is now a corporate earnings story, and help you understand what this means for your portfolio in the days ahead.

## Part 1: The Big Picture – Records Give Way to Reality

### Yesterday's Euphoria

Wednesday was a good day to own stocks. Really good.

The S&P 500 added 73.89 points to close at 7,137.90, marking its best month since 2020 . The Nasdaq surged 397.60 points to 24,657.57. Even the Dow, which has lagged its tech-heavy cousins, managed a 340-point gain .

The catalyst was geopolitical. President Trump announced an indefinite extension of the ceasefire with Iran, posting on Truth Social that the U.S. would hold off on attacking "until such time as their leaders can come up with a unified proposal" .

Investors breathed a sigh of relief. Oil prices, which had spiked above $100, retreated modestly. The "risk-on" trade was back.

### Today's Reality Check

But markets are forward-looking. And what they see Thursday morning is a different picture.

Asian markets were mixed overnight. Japan's Nikkei hit an all-time intraday high of 60,013 before pulling back, while South Korea's Kospi also touched record levels . But the enthusiasm didn't fully translate to U.S. futures.

The modest pullback reflects a classic "buy the rumor, sell the news" dynamic. The ceasefire extension was largely priced in during Wednesday's rally. Now, investors are turning their attention back to fundamentals—and the fundamentals are showing strain.

## Part 2: ServiceNow – Collateral Damage in the Iran War

### The Headlines That Spooked the Market

ServiceNow reported first-quarter earnings after the bell on Wednesday. On the surface, the numbers were fine:

- **Revenue:** $37.7 billion, up 22% year-over-year (beat estimates of $37.4 billion)

- **Adjusted EPS:** $0.97, up from $0.81 a year ago (beat estimates of $0.96)

- **Subscription Revenue:** $36.71 billion, up 22%

- **Current Remaining Performance Obligations (CRPO):** $12.64 billion, beating estimates of $12.56 billion 

So why did the stock crash nearly 13%?

The answer lies in a single sentence buried in the earnings release: Subscription revenue growth faced "approximately 75 basis points of headwinds due to the delayed closing of several large on-premise deals as a result of the Middle East conflict" .

### The "75 Basis Point" Problem

For a company that trades at premium multiples because of its consistent high-growth profile, any growth headwind is a big deal. Seventy-five basis points—three-quarters of a percentage point—might not sound like much. But for a business with $36 billion in subscription revenue, that represents hundreds of millions of dollars in delayed revenue.

Operating Chief Amit Zavery tried to reassure investors, noting that the delayed deals are expected to close later in 2026. "We don't know when these conflicts will be resolved, but we continue to work with these customers," he said .

Finance Chief Gina Mastantuono took a more cautious tone, explaining that the full-year guidance reflects a "conservative assessment" of the current geopolitical environment. "Taking into account the ongoing Middle East conflict and the potential impact on transaction timing, I have indeed adopted a slightly conservative strategy," she said .

### The AI Bright Spot

It wasn't all bad news. ServiceNow's AI product portfolio is outperforming expectations and remains on track to exceed its previously set goal of $1 billion in annual revenue by 2026 .

The company also announced that its board had authorized an additional $5 billion share buyback program, a signal that management believes the stock is undervalued despite the selloff .

And in a move that underscores its AI ambitions, ServiceNow completed its $7.75 billion acquisition of cybersecurity startup Armis ahead of schedule—a deal originally expected to close later in the year .

### Why the Market Overreacted (Or Didn't)

The 13% drop is brutal, but it reflects a real tension. ServiceNow has positioned itself as an "AI control tower"—the central platform that businesses use to manage their AI deployments. That narrative has driven the stock's premium valuation. If geopolitical chaos can disrupt that narrative, even temporarily, the multiple may need to reset.

On the other hand, the company beat on both revenue and earnings, raised its full-year subscription guidance, and is buying back stock aggressively. For long-term investors, the selloff may present an opportunity.

**The Bottom Line on ServiceNow:** The Iran war is now a direct hit to enterprise software earnings. This is not a theoretical risk anymore. It is real. And until the conflict resolves, investors will be nervous about any company with significant exposure to the Middle East.

## Part 3: IBM – When the Disruptor Gets Disrupted

### The COBOL Problem

IBM's story is different from ServiceNow's—and in some ways, more troubling.

The company reported first-quarter revenue of $15.92 billion, up 9% year-over-year . That *beat* analyst expectations of $15.62 billion. Adjusted earnings per share came in at $1.91, also beating the $1.81 estimate .

But the growth rate slowed from 12.2% in the previous quarter. And the software segment—IBM's crown jewel—grew just 11.3%, down from double-digit growth rates in prior periods .

The culprit? AI. Specifically, the fear that AI tools are beginning to automate the very functions that IBM's software has historically served.

Here is the twist that makes this particularly painful for IBM. In February, Anthropic announced that one of its AI tools could help modernize COBOL—the aging programming language that runs on IBM's mainframes .

### The Existential Question

For decades, IBM has made billions by being the company that keeps the world's critical infrastructure running. Banks, airlines, insurance companies—they all run on IBM mainframes running COBOL code written in the 1970s and 1980s. Modernizing that code is expensive, risky, and time-consuming. So companies keep paying IBM.

If AI can modernize COBOL cheaply and quickly, that revenue stream is at risk.

CFO James Kavanaugh pushed back hard on this narrative. He told Reuters that clients using IBM's Watsonx Code Assistant are actually seeing *faster growth* in mainframe consumption. "Gen AI in modernization of mainframe is actually an accelerator and accretive to the mainframe portfolio overall," he said .

CEO Arvind Krishna went even further, downplaying the impact of the Middle East conflict on IBM's business. He claimed that IBM had its strongest growth in the region in decades and could absorb disruption from the closure of the Strait of Hormuz for another few weeks .

### The Analyst Verdict

CFRA analyst Brooks Idlet offered a balanced take: "The stakes around these results were higher than normal given the software/services selling pressure the market has seen this year amid AI competition fears, and we do not think Q1's results validated those fears" .

In plain English: The AI threat to IBM is real, but it didn't show up in this quarter's numbers. The selloff may be an overreaction.

**The Bottom Line on IBM:** This is the classic innovator's dilemma playing out in real time. IBM is trying to sell AI tools that modernize the very systems it profits from. Whether that strategy works—or whether nimbler AI competitors eat its lunch—is the $150 billion question facing the company.

## Part 4: The Iran War Earnings Toll – The First Wave

### From Geopolitics to P&L

The ServiceNow disclosure is significant because it represents the first major acknowledgment from a U.S. tech giant that the Iran war is directly impacting earnings.

We have seen the macro effects—higher oil prices, supply chain disruptions, market volatility. But the ServiceNow news confirms what many investors feared: the conflict is causing enterprise customers to delay decisions.

When a company like ServiceNow—which sells software that helps businesses automate their operations—sees deals delayed because of geopolitical uncertainty, it is a warning sign for the entire enterprise software sector.

### Other Exposures to Watch

Which companies might be next? Any tech firm with significant sales in the Middle East or with customers who are postponing IT decisions due to uncertainty. That includes:

- **Salesforce:** Heavy enterprise exposure, particularly in financial services (a sector sensitive to geopolitical risk)

- **Oracle:** Larry Ellison's company has deep ties to the region and significant on-premise software revenue

- **Microsoft:** While cloud revenue is more resilient, large on-premise licensing deals could face similar delays

For now, the market is treating ServiceNow's disclosure as company-specific. But if other enterprise software firms report similar headwinds in the coming weeks, the sector could see a broader de-rating.

### The Ceasefire Facade

It is worth noting that the ceasefire is fragile at best. While Trump extended the truce, he also ordered the U.S. military to continue its blockade of Iranian ports. Iran dismissed the extension as "meaningless" and said the Strait of Hormuz will remain closed until the blockade is lifted .

Hours after Trump's announcement, Iran's Revolutionary Guard Navy claimed it had seized two container ships in the Strait of Hormuz for "maritime violations" .

This is not a peace. It is a pause. And until there is a real resolution, enterprise customers will remain cautious.

## Part 5: What This Means for Your Portfolio

### The AI Trade Enters a New Phase

For the past two years, the AI trade has been simple: buy the companies building the models (Nvidia, Microsoft, Google) and the companies using them to accelerate growth (ServiceNow, Salesforce, IBM).

That phase is ending.

We are now entering the "prove it" phase. Investors are no longer satisfied with AI promises. They want to see AI revenue. And they are punishing companies that show any sign that AI might be a disruption rather than an accelerant.

### Earnings Season Strategy

As more companies report in the coming weeks, here is what to watch:

| Signal | What It Means | Market Reaction |

| :--- | :--- | :--- |

| AI revenue beat | The company is monetizing AI effectively | Positive |

| AI revenue miss or delay | The company is struggling to convert AI interest into sales | Negative |

| Geopolitical deal delays (like ServiceNow) | The Iran war is hitting earnings directly | Negative |

| Strong guidance despite headwinds | Management has confidence in the second half | Positive |

### The Bottom Line for Thursday's Trading

Expect a mixed open. The S&P 500 and Nasdaq are taking a well-deserved breather after hitting record highs. ServiceNow and IBM will weigh on the tech sector, but broader market sentiment remains supported by the ceasefire extension and strong economic data.

Steer clear of chasing the ServiceNow dip just yet. The 13% drop is steep, but there may be more pain ahead if other enterprise software companies report similar headwinds. Wait for confirmation that the deal delays are truly one-time events.

IBM is a different story. The 6.5% drop looks more like an overreaction to an existential fear that hasn't materialized in the numbers. For long-term investors, IBM's 3.5% dividend yield and beaten-down valuation may be worth a look.

Keep an eye on oil prices and the Strait of Hormuz. As long as the waterway remains closed, the risk of further geopolitical shocks—and further earnings headwinds—remains elevated.

## Frequently Asked Questions (FAQ)

**Q: Why did ServiceNow stock drop after earnings?**

A: ServiceNow fell nearly 13% after revealing that the Iran war delayed several large on-premise deals, creating a 75 basis point headwind to subscription revenue growth. While the company beat top and bottom line estimates, the disclosure about geopolitical impacts spooked investors .

**Q: What is a "basis point" and why does 75 matter?**

A: A basis point is one-hundredth of one percent. Seventy-five basis points equals 0.75%. For a company with $36 billion in subscription revenue, that headwind represents hundreds of millions of dollars in delayed revenue .

**Q: Why did IBM stock fall after earnings?**

A: IBM fell over 6% because revenue growth slowed to 9% from 12.2% in the previous quarter, fueling fears that AI tools could disrupt its core software business—specifically after Anthropic announced an AI tool that can modernize COBOL, a language widely used on IBM's mainframes .

**Q: How is the Iran war affecting tech company earnings?**

A: The conflict is causing enterprise customers to delay large software deals due to uncertainty. ServiceNow specifically cited the Middle East conflict as the reason several large on-premise deals did not close in the first quarter .

**Q: Did ServiceNow raise its guidance despite the headwinds?**

A: Yes. ServiceNow raised its full-year subscription revenue guidance to $157.4–157.8 billion, up from the previous range of $155.3–155.7 billion. The company also issued strong second-quarter subscription guidance above analyst estimates .

**Q: Is IBM's AI threat real or overblown?**

A: The threat is real but likely overstated for the current quarter. As CFRA analyst Brooks Idlet noted, "we do not think Q1's results validated those fears." IBM's CFO argued that AI modernization tools are actually accelerating mainframe adoption .

**Q: Should I buy the dip in ServiceNow?**

A: (Disclaimer: Not financial advice.) The 13% drop is significant, but the company's fundamentals remain strong—it beat estimates, raised guidance, and announced a $5 billion buyback. However, until the Iran war situation stabilizes, there may be continued volatility. Long-term investors may see value at these levels, but short-term traders should be cautious .

**Q: What should I watch for in the coming days?**

A: Watch for earnings reports from other enterprise software companies. If they report similar geopolitical deal delays, the sector could face broader selling pressure. Also monitor oil prices and news from the Strait of Hormuz—any escalation could trigger another market selloff .

## Conclusion: The "Prove It" Phase Begins

We started this article with a market at record highs and a ceasefire that had investors feeling optimistic. We end with a reality check.

The AI trade is no longer a free ride. ServiceNow just demonstrated that even the best-run companies are not immune to geopolitical shocks. IBM just reminded investors that AI is as much a threat as an opportunity—especially for legacy tech giants.

The market pullback Thursday morning is modest. But the earnings warnings from these two tech bellwethers are not. They are signals that the "prove it" phase of the AI trade has officially begun.

For the rest of earnings season, investors will be watching for three things: AI revenue growth, guidance, and any mention of geopolitical headwinds. Companies that deliver on all three will be rewarded. Companies that stumble—even for reasons beyond their control—will be punished.

The ceasefire is holding, for now. But the market's patience is not infinite.

---

**#StockMarket #ServiceNow #IBM #AI #EarningsSeason #IranWar #Investing #TechStocks**

---

*Disclaimer: This article is for informational purposes only. It does not constitute financial or investment advice. Stock prices and market conditions are subject to rapid change. Always consult a licensed professional before making investment decisions.*