GPT-5.5 matches Mythos in cybersecurity tests, challenging Anthropic's restricted release

Amid Mythos' hyped cybersecurity prowess, researchers find GPT-5.5 is just as good

Last month, Anthropic made a big deal about the supposedly outsized cybersecurity threat represented by its Mythos Preview model, leading the company to restrict the initial release to "critical industry partners." But new research from the UK's AI Security Institute (AISI) suggests that OpenAI's GPT-5.5, which launched publicly last week, reached "a similar level of performance on our cyber evaluations" as Mythos Preview, which the group evaluated last month. Since 2023, the AISI has run a variety of frontier AI models through 95 different Capture the Flag challenges designed to test capabilities on cybersecurity tasks such as reverse engineering, web exploitation, and cryptography. On the highest-level "Expert" tasks, GPT-5.5 passed an average of 71.4 percent, slightly higher than the 68.6 percent achieved by Mythos Preview (though within the margin of error). In one particularly difficult task that involved building a disassembler to decode a Rust binary, AISI notes that "GPT-5.5 solved the challenge in 10 minutes and 22 seconds with no human assistance at a cost of $1.73" in API calls. GPT-5.5 also matched Mythos Preview in its progress on "The Last Ones" (TLO), an AISI test range set up to simulate a 32-step data extraction attack on a corporate network. GPT-5.5 succeeded in 3 of 10 attempts on TLO, compared to 2 of 10 for Mythos Preview -- no previous model had ever succeeded at the test even once. But GPT-5.5 still fails at AISI's more difficult "Cooling Tower" simulation of an attempted disruption of the control software for a power plant, as every previously tested AI model also has. Is it just "fear-based marketing"? The new results for GPT-5.5 suggest that, when it comes to cybersecurity risk, Mythos Preview was likely not "a breakthrough specific to one model" but rather "a byproduct of more general improvements in long-horizon autonomy, reasoning, and coding," AISI writes. In a recent interview with the Core Memory podcast, OpenAI CEO Sam Altman criticized what he calls "fear-based marketing" in promoting limited releases for certain AI models. While he said he's "sure Mythos is a great model for cybersecurity," he added that "it is clearly incredible marketing to say, 'We have built a bomb. We are about to drop it on your head. We will sell you a bomb shelter for $100 million.'" "There will be a lot more rhetoric about models that are too dangerous to release," Altman continued. "There will also be very dangerous models that will have to be released in different ways." In February, OpenAI rolled out its Trusted Access for Cyber pilot program, letting security researchers and enterprises verify their identities and register their interest in studying OpenAI's frontier models for "legitimate defensive work." Last month, OpenAI said it was using that trusted access list to control the limited launch of GPT-5.4-Cyber, a model variant that it says is "purposely fine-tuned for additional cyber capabilities and with fewer capability restrictions." On Thursday, OpenAI CEO Sam Altman said on social media that the initial release of GPT-5.5-Cyber would similarly be limited "to critical cyber defenders in the next few days."

OpenAI's new security model is for 'critical cyber defenders' only

It's not clear who will get access to the model first, though previous "trusted access" schemes involved vetted professionals and institutions. Details of the model and its capabilities are also unclear; OpenAI has not released any technical details or specifications. The name indicates it is a specialized version of the recently released GPT-5.5, which it called its "smartest and most intuitive to use model yet." The staggered rollout is part of a growing trend in the AI industry of companies branding their top models too dangerous for public release due to their potential for misuse. OpenAI has staggered the release of previous cybersecurity-focused models, in addition to its new purpose-built life sciences model GPT-Rosalind, which is intended to support biology research and drug discovery. This month, Anthropic followed a similar playbook with Claude Mythos, though with much greater fanfare, and it bungled the model's secure release in embarrassing ways.

Mythos AI is a cybersecurity threat, but it doesn't rewrite the rules of the game

The cybersecurity community went on alert when Anthropic announced on April 7, 2026, that its latest and most capable general-purpose large language model, Claude Mythos Preview, had demonstrated remarkable - and unintended - capabilities. The artifical intelligence system was able to find and exploit software vulnerabilities - the most serious type of software bugs - at a rate not seen before. The news ignited concern among the public, world governments and the information technology sector about the capabilities of today's AI to undermine cybersecurity, with some people framing the model as a global cybersecurity threat. Claiming that it would be too risky to release the model, and that the company had the moral responsibility to disclose these vulnerabilities, Anthropic said it would not immediately offer the model to the public. Instead, it granted exclusive access to tech giants to test the model's capabilities, a process Anthropic dubbed Project Glasswing. As a cybersecurity researcher, I think Mythos' capabilities are impressive, but the AI system does not represent a radical departure. Mythos is less a new threat than a mirror reflecting how people behave and how fragile modern systems already are. What Mythos did During a controlled evaluation, engineers with minimal security experience prompted Mythos to scan thousands of software codebases for vulnerabilities. The model showed striking capabilities in conducting multistep, autonomous attacks that take experts weeks or even months to put together. Mythos was not only able to discover 271 vulnerabilities in Mozilla's Firefox, it also developed exploits to take advantage of 181 of those. Overall, Anthropic's red team, which takes on the role of an attacker to test defenses, and the United Kingdom's AI Security Institute reported that Mythos found thousands of zero-day, or previously unreported, vulnerabilities in major operating systems, web browsers and other applications - software flaws that have not yet been patched and can be turned into exploits immediately. National Security Agency officials testing Mythos have been impressed by the tool's speed and efficiency in finding software vulnerabilities, according to a news report. Among the most widely reported were Mythos' ability to identify a dormant 27-year-old security flaw in OpenBSD, a security-focused operating system, and a 16-year-old bug in FFmpeg, a video/audio processing tool. Some of these flaws allow unauthenticated users to gain control of the machines hosting these applications. Even more striking, the relatively inexperienced engineers running Mythos' evaluations were able to use Mythos to complete attacks overnight, from finding vulnerabilities to exploiting them - something that can take human experts weeks to do. The model's ability to chain multiple steps is what surprised Anthropic and organizations that tried it. In an evaluation by the AI Security Institute, Mythos was able to take over a simulated corporate network in three out of 10 tries, the first AI model to succeed at the task. These results are real. They also paint an incomplete picture in ways that matter. Where is the breakthrough? At first glance, Mythos' breakthrough sounds novel and could signal a new class of cyber threats. However, a closer look suggests something different. The vulnerabilities Mythos found are not new in nature. They generally don't belong to unknown security flaws, and in many cases they are variations of well-known and well-understood classes of software vulnerabilities. In cybersecurity, finding new instances of known types of flaws is not unusual. The most successful attacks rely on known, well-defined vulnerabilities that stay overlooked or unpatched. What concerned the researchers was not Mythos changing the nature of finding and exploiting vulnerabilities, but rather the intense scale and speed with which it was able to find and exploit those vulnerabilities. This is not a breakthrough per se but rather a result of decades of research in both cybersecurity and AI. In that sense, Mythos is the natural - and expected - result of powerful automation and AI integration because it follows the same fundamental procedures used in standard offensive cybersecurity practices. These include scanning for vulnerabilities, identifying patterns and testing exploitability. Mythos and similar emerging models make it possible to chain these steps together at a speed that is hard to fathom. So why were these vulnerabilities missed in the first place? It is crucial to understand that not all vulnerabilities are cost effective to fix, and not all vulnerabilities are a priority. Mythos did not discover a new kind of weakness - it exposed the limits of how cybersecurity practitioners search for them. New tech, age-old dynamic Mythos highlights an important fact about the reality of cybersecurity threats. System defenders are always at a disadvantage because they need to always succeed. Attackers, however, need to succeed only once to break the security of a system. This cat-and-mouse game will always be the same, and Mythos does not change that - it simply reinforces it. Mythos follows a familiar dynamic: A tool created to protect can also be used to attack and harm. "The same improvements that make the model substantially more effective at patching vulnerabilities also make it substantially more effective at exploiting them," Anthropic officials wrote in a blog post about Mythos. What once may have required highly specialized skills can now be achieved with significantly less effort, which raises the most important question: Who will benefit first by using tools like Mythos - defenders or attackers?

Anthropic Mythos shaping up as nothingburger

Anthropic's Mythos model is purportedly so good at finding vulnerabilities that the Claude-maker is afraid to make it available to the general public for fear that criminals will take advantage. But early analysis shows that Mythos may not be as dangerous as some would have you believe. Anthropic made Mythos available in preview to a select but ever-growing number of organizations under the title of Project Glasswing so they could find and fix vulnerabilities in their environment before criminals got hold of the purported zero-day machine and caused mayhem. That plan didn't quite work as intended. On Wednesday, an Anthropic spokesperson confirmed to The Register that some non-Glasswing partners may have accessed the model - but not through Anthropic's production API. "We're investigating a report claiming unauthorized access to Claude Mythos Preview through one of our third-party vendor environments," the spokesperson told us. The AI biz declined to name the third-party vendor, but said that it's a company Anthropic works with on model development. There's no evidence that unauthorized activity extended beyond the third-party vendor's environment or that Anthropic systems are affected, we're told. Bloomberg, which originally reported the unauthorized access, said that "a handful" of people gained access to Mythos by making "an educated guess about the model's online location" based on Anthropic's previous models, and that these details were revealed in the recent Mercor data breach. Mercor is an AI staffing startup that supplies specialized contractors to major AI labs, including Anthropic. Earlier this month, Mercor said that it was "one of thousands of companies" affected by the LiteLLM supply-chain attack. This group of unauthorized users reportedly belongs to a private Discord channel and gained access to Mythos on the same day that Anthropic announced Project Glasswing. Since then, it's been "playing around" with the bug-hunting machine, and doesn't have any interest in using the model for evil, according to Bloomberg. Regardless of what the group is doing with Mythos, their access illustrates a couple of key points. First: it's really hard to keep code under wraps (as also evidenced by Anthropic's earlier Claude Code source leak), especially when the folks who want to kick the tires on the new model are cybersecurity and engineering types - and they didn't even need to hack into any network or database to do it. Insider and supply-chain threats are the real deal. "The Mythos breach didn't require a sophisticated attack," Ram Varadarajan, CEO at Acalvio, a deception-tech firm, told The Register. "It just required a contractor, a URL pattern, and a day-one guess, which means the 'controlled release' model failed at its weakest link before the model's capabilities were ever the issue." Additionally, considering all the hype Anthropic spun around its new model, we shouldn't be surprised the genie is out of the lamp. "Anthropic's marketing message for Mythos was effectively a challenge, not dissimilar to a capture-the-flag exercise, where success includes claims of unauthorized access to Mythos," Tim Mackey, head of risk strategy at supply chain security shop Black Duck, told The Register. That marketing may have outstripped reality. Early reports from Mythos preview users including AWS and Mozilla indicate that while the model is very good and very fast at finding vulnerabilities, and requires less hands-on guidance from security engineers - making it a welcome time-saver for the human teams - it has yet to eclipse human security researchers. "So far we've found no category or complexity of vulnerability that humans can find that this model can't," Mozilla CTO Bobby Holley said, after revealing that Mythos found 271 vulnerabilities in Firefox 150. Then he added: "We also haven't seen any bugs that couldn't have been found by an elite human researcher." In other words, it's like adding an automated security researcher to your team. Not a zero-day machine that's too dangerous for the world. Anthropic, in announcing the new model, claimed Mythos identified "thousands of additional high- and critical-severity vulnerabilities." VulnCheck researcher Patrick Garrity, however, put the count as of last week at maybe 40. Or maybe none at all. Another engineer, Devansh, scoured the Mythos-related CVE advisories and Anthropic's exploit code, 44-prompt transcript, and 244-page system card, along with Glasswing partner agreements, red-team writeups. He also looked at Aisle's replication study, which tested Mythos' showcase vulnerabilities on small, cheap, open-weights models and found they produced much of the same analysis. Devansh ultimately concluded that while the bugs it found are real, the true Mythos story is "one of misinformation and hype." For example, the Anthropic-claimed 181 Firefox exploits ran with the browser sandbox turned off and the FreeBSD exploit transcript "shows substantial human guidance, not autonomy." Additionally, the "'thousands of severe vulnerabilities' extrapolates from 198 manually reviewed reports. The Linux kernel bug was found by Opus 4.6, the public model, not Mythos," Devansh said. Another researcher, Davi Ottenheimer, pointed out that the security section (Section 3, pages 47-53) of Anthropic's 244-page documentation "contains no count of zero-days at all. With no CVE list, no CVSS distribution, no severity bucket, no disclosure timeline, no vendor-confirmed-novel table, no false-positive rate." Ottenheimer likens it to "the ending of the Wizard of Oz, a sorry disappointment about a model weaponizing two bugs that a different model found, in software the vendor had already patched, in a test environment with the browser sandbox and defense-in-depth mitigations stripped out." Snehal Antani, co-founder and CEO of offensive AI hacking company Horizon3.ai, told The Register, "attackers didn't need Mythos to accelerate vulnerability research, 4.6 and open source models have already been accelerating the vulnerability process." When asked if the security community should be concerned about unauthorized Mythos access, Antani said no. "In my honest opinion, it's a nothingburger," he told us. "The adversary doesn't need Mythos to hack you." ®

Anthropic CEO warns of cyber 'moment of danger' as AI exposes thousands of vulnerabilities

Denis Balibouse | Reuters | Samuel Corum | Bloomberg | Getty Images Anthropic CEO Dario Amodei warned Tuesday that artificial intelligence has created a narrow window for the world's tech firms, governments and banks to fix tens of thousands of software vulnerabilities found by his company's latest model. That AI model, Mythos, was previewed last month along with the disclosure that it had unearthed decades-old vulnerabilities in crucial software. Since AI models from geopolitical adversary China are "maybe six to 12 months" behind the Anthropic product, there is "roughly that amount of time" to fix these issues, Amodei said. The comments came during an Anthropic event in which Amodei shared the stage with JPMorgan Chase CEO Jamie Dimon and unveiled a new suite of agents meant to automate financial work. "The danger is just some enormous increase in the amount of vulnerabilities, in the amount of breaches, in the financial damage that's done from ransomware on schools, hospitals, not to mention banks," Amodei said. Anthropic has limited Mythos to a few partner companies because of concerns about what criminals or adversarial nations could do with it. The last several of the company's model updates have reverberated through the markets, but Mythos has caused the most concern from corporations and policymakers alike. The scale of potential cyber exploits has ballooned with each generation of Claude, Amodei said. An earlier Anthropic model found roughly 20 vulnerabilities in the Firefox browser. Mythos found nearly 300, and the total count across all software now runs into the tens of thousands, he said. Most of the vulnerabilities found by Mythos haven't been publicly disclosed because they remain unpatched, and "the bad guys will exploit" them if they are identified, Amodei said.

OpenAI locks GPT-5.5-Cyber behind velvet rope

Altman's crew now doing the same gatekeeping it recently mocked OpenAI is lining up a limited release of its new GPT-5.5-Cyber model to a handpicked circle of "cyber defenders," just weeks after taking a swipe at Anthropic for doing almost exactly the same thing. CEO Sam Altman said in a post on X that the rollout will begin "in the next few days," with access restricted to a group he described as trusted defenders working to secure critical systems. "We will work with the entire ecosystem and the government to figure out trusted access for cyber," he wrote, adding that the goal is to "rapidly help secure companies and infrastructure." GPT-5.5-Cyber is built to spot flaws before anyone else abuses them. OpenAI says it can pentest, find bugs, exploit them, and tear apart malware, but as we have already seen, tools that break systems rarely stay in the right hands for long. OpenAI's announcement comes just weeks after Anthropic rolled out its own cyber-focused model, Claude Mythos, to roughly 50 organizations under tight controls, saying it would never be made publicly available - and Altman was not impressed. As reported by TechCrunch, he took aim at what he framed as exclusivity dressed up as caution during an appearance on the Core Memory podcast. "There are people in the world who, for a long time, have wanted to keep AI in the hands of a smaller group of people," he said. "You can justify that in a lot of different ways." He went further, likening the approach to selling fear. "We have built a bomb, we are about to drop it on your head. We will sell you a bomb shelter for $100 million." Now OpenAI is, if not building the same shelter, at least checking IDs at the door. Independent testing suggests the model is not just marketing fluff. The UK's AI Security Institute said this week that GPT-5.5-Cyber is "one of the strongest models we have tested on our cyber tasks," and noted it is only the second system to complete one of its multi-step attack simulations end to end. It may be pitched as protection, but when the tools can both break and fix systems, the difference often comes down to who gets there first. ®

OpenAI isn't far behind Mythos' hacking powers

Why it matters: The head start that cyber defenders were promised when Mythos was unveiled last month is disappearing faster than expected. Driving the news: The U.K. AI Security Institute said Thursday that GPT-5.5 was able to complete a 32-step simulated corporate cyberattack in 2 out of 10 test runs. Mythos did the same in 3 out of 10 runs. * Before Mythos, no AI model had ever successfully completed that test. * GPT-5.5 also outperformed Mythos on a range of capture-the-flag tasks that test how well a model can find vulnerabilities, reverse-engineer incidents, and exploit web-based applications. Between the lines: When Mythos was announced, Anthropic estimated it would be another six to 18 months before another AI company released a model with similar cyber capabilities. * Now, that assumption is being tested, calling into question how much time government officials, critical infrastructure operators and cybersecurity companies have to beef up their defenses. Yes, but: The powerful cyber capabilities of both Mythos and GPT-5.5 aren't available to everyone. * Anthropic has given access to Mythos to only around 40 organizations, including the 12 members of its information-sharing partnership Project Glasswing. * OpenAI has placed strict guardrails on the public versions of its models and is only giving access to models with fewer guardrails to vetted cyber defenders through its Trusted Access program. What to watch: Last week, the Wall Street Journal reported that the White House had urged Anthropic not to broaden access to Mythos over national security concerns. * Meanwhile, OpenAI has been helping federal agencies, state and local governments, and international allies sign up for its program that gives cyber defenders access to cyber-permissible versions of GPT-5.4 and 5.5.

'Moment of Danger': Anthropic CEO Warns of Cyber Risk Window as AI Uncovers Software Flaws - Decrypt

Critics say the risks may be overstated even as security concerns grow. A discussion between Anthropic CEO Dario Amodei and JPMorgan Chase CEO Jamie Dimon on Tuesday focused on the growing cybersecurity threat posed by artificial intelligence as it identifies vulnerabilities faster than organizations can fix them. In the nearly two-hour event tied to Anthropic's push into financial services, where it unveiled AI agents for tasks like pitchbooks, earnings review, and compliance work, Amodei said there may be a six to 12-month window to address tens of thousands of flaws uncovered by the company's Mythos model before similar capabilities become more widely available. "The danger is just some enormous increase in the amount of vulnerabilities, in the amount of breaches, in the financial damage that's done from ransomware on schools, hospitals, not to mention banks," Amodei said. Amodei's latest statements follow earlier testing with Mozilla, when an early version of Mythos identified 271 vulnerabilities in the Firefox browser in a single pass, showing how AI can scan large codebases far faster than human researchers. Anthropic said the model can uncover thousands of previously unknown weaknesses across widely used software. Many remain undisclosed because they have not yet been patched, leaving unresolved flaws. "If we announce something without it being fixed, then the bad guys will exploit it," Amodei said. In controlled testing, Mythos completed multi-step network attack simulations without human intervention, demonstrating the ability to move from identifying weaknesses to exploiting them. Anthropic has restricted the model to a small group of partners under Project Glasswing, aiming to fix vulnerabilities before similar tools become widely available. Researchers have shown that elements of Mythos's capability can be reproduced using existing models and open-source techniques, suggesting similar tools could spread faster than expected. The warnings have drawn skepticism from within the industry. In April, OpenAI CEO Sam Altman said concerns about Mythos may be overstated and suggested Anthropic is using "fear-based marketing" to frame the risks and justify limiting access to the technology. "You can justify that in a lot of different ways, and some of it's real, like there are going to be legitimate safety concerns," Altman said. "But if what you want is like 'we need control of AI, just us, because we're the trustworthy people,' I think fear-based marketing is probably the most effective way to justify that." Even with that pushback, despite a public feud with Anthropic, the U.S. government is reportedly using Claude Mythos to scan classified networks for vulnerabilities and test its cybersecurity capabilities, according to Axios. While he did not address the ongoing legal battle, Amodei said Anthropic is "good for this country." "I think Anthropic's view is the same as it always has been. In terms of politicization, this is the point I made about being streamlined, systematic, and fair to everyone," Amodei said. "The purpose of laws and not doing things in an ad hoc way is that all companies are, at least in principle -- I know it's more complicated in practice -- treated in the same way, and we should aspire to that even if it's never going to happen perfectly that way." Amodei framed the moment as a narrow window for action, warning that how quickly organizations respond could determine whether the risks escalate or are brought under control. "This is about a moment of danger where if we respond to it correctly, and I think we started to take the first steps, then we can have a better world on the other side," Amodei said. "There are only so many bugs to find."

Mythos AI may be a cybersecurity threat, but it follows the rules of the game

The news ignited concern among the public, world governments, and the information technology sector about the capabilities of today's AI to undermine cybersecurity, with some people framing the model as a global cybersecurity threat. Claiming that it would be too risky to release the model, and that the company had the moral responsibility to disclose these vulnerabilities, Anthropic said it would not immediately offer the model to the public. Instead, it granted exclusive access to tech giants to test the model's capabilities, a process Anthropic dubbed "Project Glasswing." As a cybersecurity researcher, I think Mythos' capabilities are impressive, but the AI system does not represent a radical departure. Mythos is less a new threat than a mirror reflecting how people behave and how fragile modern systems already are.

OpenAI's GPT-5.5 Matches Claude Mythos in Cyberattack Capabilities: AI Security Institute - Decrypt

Researchers found a jailbreak that bypassed GPT-5.5's safety guardrails entirely, raising alarms. A U.K. government agency has found that OpenAI's newest artificial intelligence model can autonomously carry out complex cyberattacks -- and that it cracked a reverse-engineering challenge in just over 10 minutes that took a human security expert roughly 12 hours. The AI Security Institute (AISI), a research body within Britain's Department of Science, Innovation and Technology, published findings Thursday showing that GPT-5.5 is among the strongest models it has evaluated for offensive cyber capabilities, putting it roughly on par with Anthropic's vaunted Claude Mythos. The report found GPT-5.5 is the second model to complete AISI's most demanding test -- a 32-step simulated corporate network attack called "The Last Ones" -- doing so autonomously in two out of 10 attempts. The first model to achieve the milestone was Anthropic's Claude Mythos Preview, which completed the simulation in three of 10 tries. The corporate network simulation, built with the cybersecurity firm SpecterOps, requires an agent to chain together reconnaissance, credential theft, lateral movement across multiple Active Directory forests, a supply-chain pivot through a CI/CD pipeline, and ultimately the exfiltration of a protected internal database -- steps that AISI estimates would take a human expert around 20 hours. Perhaps the most striking result involved a fiendishly difficult reverse-engineering puzzle. GPT-5.5 solved the challenge -- which required reconstructing a custom virtual machine's instruction set, writing a disassembler from scratch, and recovering a cryptographic password through constraint solving -- in 10 minutes and 22 seconds, at a cost of $1.73 in API usage. A human expert, using professional tools, required approximately 12 hours. On AISI's battery of advanced cybersecurity tasks, GPT-5.5 achieved an average pass rate of 71.4% on the most difficult "Expert" tier, edging out Mythos Preview at 68.6% percent and significantly surpassing GPT-5.4 at 52.4%. The findings carry pointed implications for the broader trajectory of AI development. AISI concluded that GPT-5.5's performance suggests rapid improvement in cyber capabilities may be part of a general trend rather than an isolated breakthrough -- and warned that if offensive cyber skill is emerging as a byproduct of wider improvements in reasoning, coding, and autonomous task completion, then further advances could arrive in quick succession. The report also flagged significant concerns about the model's safety guardrails. Researchers identified a universal jailbreak that elicited harmful content across all malicious cyber queries tested, including in multi-turn agentic settings. The attack took six hours of expert red-teaming to develop. OpenAI subsequently updated its safeguard stack, though a configuration issue prevented AISI from verifying whether the final version was effective. AISI cautioned that its capability evaluations were conducted in a controlled research environment and do not necessarily reflect what is accessible to an ordinary user, noting that public deployments include additional safeguards and access controls. The report lands against a worrying backdrop for British cybersecurity. The U.K. government's annual Cyber Security Breaches Survey, also published Thursday, found that 43% of businesses suffered a cyber breach or attack in the past 12 months. In response, the government announced £90 million in new funding to boost cyber resilience, and said it is moving forward with the Cyber Security and Resilience Bill to protect essential services. Officials also published guidance urging organizations to prepare for a potential surge in newly discovered software vulnerabilities as AI accelerates the pace at which security flaws can be found and weaponized.

Mythos has business worried. The rest are lulled into false cybersecurity

This is the everyday reality of the technology that runs much of Australia is not well-defended. Health systems. Water utilities. Thousands of others. A few weeks ago in these pages I wrote that we had crossed the Rubicon on cyber risk: that the threshold between human-paced attack and machine-paced attack had been crossed by Anthropic's Mythos. That the model would not stay contained. That OpenAI was close behind. Within a fortnight, Anthropic confirmed it was investigating reports that unauthorised users had been accessing Mythos Preview through a third-party contractor portal, on the same day the model was announced. The containment that the entire Glasswing access model rested on had failed at the starting gate. Late last week the UK Government's AI Security Institute confirmed the rest: frontier labs are sprinting, and capability is growing.

OpenAI expands Trusted Access program with GPT-5.5-Cyber

OpenAI has begun the rollout of GPT-5.5-Cyber, an AI model focused on cybersecurity, aiming to deliver it to "critical cyber defenders" within days. This initiative follows Anthropic's announcement of Claude Mythos Preview, a model found to autonomously discover numerous software vulnerabilities, which was deemed too dangerous for public release. CEO Sam Altman stated, "We're starting rollout of GPT-5.5-Cyber to critical cyber defenders in the next few days." He emphasized collaboration with the government and the broader ecosystem to ensure trusted access and security for companies and infrastructure. The rollout is part of a comprehensive cybersecurity action plan by OpenAI, structured around five key pillars: democratizing access to cyber defense tools, coordinating with government and industry, enhancing safeguards around advanced capabilities, ensuring deployment visibility, and enabling user self-protection. The new model builds on GPT-5.4-Cyber, which was introduced in mid-April as part of OpenAI's Trusted Access for Cyber program, alongside $10 million in API grants for vetted security organizations. In contrast to Anthropic's more limited approach, which restricted Mythos to around 50 organizations in a controlled program, OpenAI plans to distribute GPT-5.5-Cyber more broadly. The model will be made available through the Trusted Access for Cyber (TAC) program to government entities, critical infrastructure operators, security vendors, cloud platforms, and financial institutions. Anthropic's model, Claude Mythos Preview, announced earlier in April, demonstrated advanced capabilities by discovering thousands of new zero-day vulnerabilities. It autonomously created exploits, showcasing improvements in reasoning and coding capabilities, including constructing a full browser exploit and a FreeBSD remote code execution exploit through complex vulnerability chaining. While Anthropic has committed up to $100 million in usage credits and $4 million in donations to open-source security organizations, it has stated that Mythos will not be publicly available. Subsequently, the company released a less capable model, Claude Opus 4.7, whose cybersecurity features are "not as sophisticated" as those of Mythos. OpenAI has yet to publish technical benchmarks comparing GPT-5.5-Cyber to Mythos. The base model received a "High" rating on OpenAI's cybersecurity risk scale, falling below the "Critical" threshold needed for developing zero-day exploits autonomously without human intervention. The effectiveness of the Cyber-specific variant in closing this gap remains uncertain, as leading security professionals express concerns that the ability to find software flaws at scale is increasingly difficult to contain.

OpenAI Confirms GPT-5.5 Cyber Model's Rollout Is Around the Corner

The new model comes less than a month after GPT-5.4 Cyber's release OpenAI CEO Sam Altman teased the successor to the GPT-5.4 Cyber artificial intelligence (AI) model on Thursday. Dubbed GPT-5.5 Cyber, the model was announced just a fortnight after the San Francisco-based AI giant introduced its first cybersecurity model. Not a lot is known about the model currently, but it is expected to follow the same limited release format as the predecessor. The model is said to be competing with Anthropic's Claude Mythos, and offers similar real-world vulnerability detection prowess. OpenAI Teases GPT-5.5 Cyber In a post on X (formerly known as Twitter), Altman shared that GPT-5.5 Cyber will soon be rolled out to critical cyber defenders. Interestingly, the company is also hosting a GPT-5.5 "party" at its San Francisco headquarters on May 5. The company had asked users to sign up to get a chance to attend it. There's a possibility that OpenAI might preview some of the capabilities of 5.5 Cyber during the event. For now, not a lot is known about the large language model (LLM). Besides teasing the early access rollout, the OpenAI CEO said, "We will work with the entire ecosystem and the government to figure out trusted access for cyber; we want to rapidly help secure companies/infrastructure." The restricted rollout makes sense. When the company released the GPT-5.4 Cyber model, it was designed for cybersecurity functions. It used binary reverse engineering capabilities to analyse compiled software for malware potential, vulnerabilities, and overall security. OpenAI had said that the model does not even require access to the source code of a software to analyse this. Based on this, it appears that the model's functionality is broadly similar to Anthropic's Claude Mythos. To ensure that the cybersecurity LLM would not be misused, the AI giant scaled its Trusted Access for Cyber (TAC) programme, which only lets the model be accessed by verified individuals and firms. Since little is known about the capabilities of the GPT-5.5 Cyber AI model, it cannot be said with certainty that it can outperform Claude Mythos. However, once OpenAI releases the system card and internal evaluations, the comparison between the two will become clearer.

Anthropic CEO Predicts Firms Have 6 Months to Patch Software Vulnerabilities | PYMNTS.com

By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions. Speaking during Anthropic's livestreamed event The Briefing: Financial Services, Amodei said the Chinese models are six to 12 months behind Anthropic's models, "so I think we have roughly that amount of time to fix all these vulnerabilities." Mythos has identified tens of thousands of vulnerabilities that Anthropic has not announced, because only a small fraction of them have been fixed, and the company doesn't want bad guys to exploit those vulnerabilities, Amodei said. These vulnerabilities could lead to breaches and ransomware attacks. "I actually think if we handle this right, in six to 12 months, which is the time that we have to handle it because the Chinese models will catch up by that time. ... If we handle this right, we could be in a better position than we started in because we fixed all these bugs, there's only so many bugs to find, you know, the depth doesn't go forever, and if we're rewriting all of our code with models like Mythos, we can use Mythos to write code that's inherently more secure by design," Amodei said. It was reported April 7 that Anthropic was allowing select partners early access to Claude Mythos Preview, a model positioned for defensive cybersecurity work, so that they could identify vulnerabilities and strengthen systems before threats could be exploited by new AI models. Amodei's comments on Tuesday came on the same day that the Center for AI Standards and Innovation (CAISI), which is part of the Department of Commerce's National Institute of Standards and Technology, announced that Google DeepMind, Microsoft and xAI have each agreed to share their frontier AI models with CAISI for national security testing before releasing those models to the public. The companies joined Anthropic and OpenAI, which signed agreements with CAISI's predecessor, the U.S. Artificial Intelligence Safety Institute, in August 2024 and later renegotiated those agreements to match CAISI's directives.

OpenAI Will Arm Critical Cyber Defenders With Frontier Model | PYMNTS.com

By completing this form, you agree to receive marketing communications from PYMNTS and to the sharing of your information with our sponsor, if applicable, in accordance with our Privacy Policy and Terms and Conditions. "We will work with the entire ecosystem and the government to figure out trusted access for cyber; we want to rapidly help secure companies/infrastructure," Altman wrote. OpenAI announced in a Wednesday blog post that the company released an Action Plan that describes how it will build the infrastructure needed to support cybersecurity defenders and will provide trusted actors across society with access to defensive tools. The company's plan includes democratizing cyber defense, coordinating across government and industry, strengthening security around frontier cyber capabilities, preserving visibility and control in deployment, and enabling users to protect themselves. OpenAI said in its post that as AI reshapes cybersecurity, criminals are deploying the same capabilities as defenders. "Building resilience in the Intelligence Age will require both working through democratic institutions and processes, and broadening access to the technologies that can help protect communities, critical systems and our national security," OpenAI said in the post. It was reported April 21 that OpenAI has begun briefing state and federal government officials on the capabilities of its cybersecurity product. The AI startup held an event in Washington, D.C., where it demonstrated a new model to officials from throughout the government and from various national security agencies. The company is taking a dual-track approach, making one version of its model more widely available with robust safeguards, and another more permissive version for cyber defenders through its Trusted Access program. This tactic will let more companies, like local water utilities, access advanced AI tools. OpenAI said April 14 that it plans to expand access to the Trusted Access for Cyber (TAC) program, which it introduced in February, to give cybersecurity professionals access to frontier models. The company said it is scaling up TAC to thousands of verified individuals and hundreds of teams responsible for defending critical software. "In preparation for increasingly more capable models from OpenAI over the next few months, we are fine-tuning our models specifically to enable defensive cybersecurity use cases, starting today with a variant of GPT-5.4 trained to be cyber-permissive: GPT-5.4-Cyber," OpenAI said in an April 14 blog post.