The newest cybersecurity myth — that AI and large language models will replace software developers, security analysts, and incident responders — is being built the way every cybersecurity myth gets built: a confident claim repeated more often than examined. Twenty years ago this month, my first post on this blog took on a similar one: monthly password rotation as security folk wisdom. It took NIST thirty years to formally retire that myth. LLMs are not useless; they are competent at finding the technical debt left by "penetrate-and-patch" culture. They are not a substitute for the people being laid off to make way for them.