eFinder

eFinder

HomeCorporate Competition (OpenAI vs Anthropic) › Article

OpenAI isn't far behind Mythos' hacking powers

Axios · · 300 words · By Sam Sabin
Corporate Competition (OpenAI vs Anthropic) AI Cyber Capabilities National Security

The article reports on new findings from the U.K. AI Security Institute comparing the cyber-attack capabilities of OpenAI's GPT-5.5 and Anthropic's Mythos Preview. It notes that GPT-5.5 is performing nearly as well as Mythos in simulated attacks, potentially shortening the window for defenders to secure their systems.

open_in_new Read the original article: https://axios.com/2026/05/05/openai-anthropic-mythos-cyber-testing

analyticsAnalysis

10%
Propaganda Score
confidence: 95%
Low risk. This article shows minimal use of propaganda techniques.

psychologyDetected Techniques

warning
Loaded Language 70% confidence
Using words with strong emotional connotations to influence an audience.

fact_checkFact-Check Results

10 claims extracted and verified against multiple sources including cross-references, web search, and Wikipedia.

check_circle Corroborated 5
info Single Source 3
help Insufficient Evidence 2
check_circle
“OpenAI's GPT-5.5 model — aka Spud — is nearly as good at finding and exploiting software bugs as Anthropic's Mythos Preview.”
CORROBORATED
Multiple independent sources (Decrypt, a UK government group report, and other web results) state that GPT-5.5 is roughly on par or comparable to Anthropic's Mythos in cyberattack tasks.
travel_explore
web search NEUTRAL — A UK government group that tests AI for cybersecurity capabilities says OpenAI’s latest GPT-5.5 model is roughly on par with Anthropic’s Claude Mythos model in some tasks.
https://www.theinformation.com/briefings/uk-group-says-opena…
travel_explore
web search NEUTRAL — OpenAI's GPT-5.5 is the second AI system to complete a simulated corporate network intrusion end-to-end, raising alarms.The first model to achieve the milestone was Anthropic's Claude Mythos Preview, …
https://decrypt.co/366371/openais-gpt-55-matches-claude-myth…
travel_explore
web search NEUTRAL — Meanwhile, OpenAI has also made another version of GPT-5.5 available to other members of its Trusted Access for Cyber program that can help with understanding unfamiliar code, mapping affected surface…
https://www.axios.com/2026/05/07/openai-gpt-55-cybersecurity…
check_circle
“The U.K. AI Security Institute said Thursday that GPT-5.5 was able to complete a 32-step simulated corporate cyberattack in 2 out of 10 test runs.”
CORROBORATED
The claim is explicitly confirmed by Axios and multiple web search results citing the U.K. AI Security Institute (AISI) regarding the 32-step simulation and the 2/10 success rate.
travel_explore
web search NEUTRAL — Two AI Models Just Completed a Simulated Corporate Cyberattack End-to-End. The AISI “Last Ones” benchmark is a 32-step simulated corporate network attack. Human experts take an estimated 20 hours to c…
https://www.mindstudio.ai/blog/claude-mythos-gpt-5-5-last-on…
travel_explore
web search NEUTRAL — Zoom in: The new GPT-5.5-Cyber model is specifically designed to help defenders write proofs of concept for the bugs they can find or run simulations to test their organization's security posture.
https://www.axios.com/2026/05/07/openai-gpt-55-cybersecurity…
travel_explore
web search NEUTRAL — The U.K. AI Security Institute said last week that GPT-5.5 completed a simulated 32-step corporate cyberattack in two out of 10 test runs. Anthropic's competing Mythos Preview model completed the same…
https://www.ibtimes.com/openai-expands-cyber-focused-gpt-55-…
+ 1 more evidence source
check_circle
“Mythos did the same in 3 out of 10 runs.”
CORROBORATED
Confirmed by Axios, Telegraph, and other web search results stating Mythos completed the 32-step simulation in 3 out of 10 runs.
travel_explore
web search NEUTRAL — AISI's 32-step corporate network attack sim took human experts 20 hours. Claude Mythos completed it 3 times out of 10. Here's what that means.
https://www.mindstudio.ai/blog/claude-mythos-gpt-5-5-last-on…
travel_explore
web search NEUTRAL — Anthropic is investigating reports that unauthorized users accessed its Mythos AI tool via a vendor, raising cybersecurity concerns.In testing, Mythos completed a 32-step simulated cyberattack in seve…
https://www.eweek.com/news/anthropic-mythos-unauthorized-acc…
travel_explore
web search NEUTRAL — In its 32 step simulated corporate network attack, “The Last Ones,” Mythos was the first model to solve the full chain from start to finish, doing so in 3 out of 10 attempts, with an average of 22 ste…
https://telegraph.com/anthropic-mythos-ai-cyber-power/
+ 1 more evidence source
info
“Before Mythos, no AI model had ever successfully completed that test.”
SINGLE SOURCE
While one web search result explicitly states 'Before Mythos, no AI model had ever successfully completed that test', other sources mention Mythos was the first but do not provide independent corroboration of the 'no AI model' claim across multiple distinct reporting organizations.
travel_explore
web search NEUTRAL — UK AISI attack simulation. GPT‑5.5 completed a 32‑step simulated corporate cyberattack in 2 out of 10 test runs. Claude Mythos did the same in 3 out of 10 runs, according to the UK AI Security Institu…
https://opentools.ai/news/openai-gpt-5-5-cyber-security-mode…
travel_explore
web search NEUTRAL — Two AI Models Just Completed a Simulated Corporate Cyberattack End-to-End.It’s a 32-step simulation of a sustained corporate network intrusion — the kind of multi-stage attack that would require recon…
https://www.mindstudio.ai/blog/claude-mythos-gpt-5-5-last-on…
travel_explore
web search NEUTRAL — Notably, Mythos Preview could not complete AISI's OT-focused "Cooling Tower" cyber range — but this should not inspire complacency. The model stalled in the IT segments of that scenario, not the OT lo…
https://www.linkedin.com/posts/ramilo-mendoza_our-evaluation…
info
“GPT-5.5 also outperformed Mythos on a range of capture-the-flag tasks that test how well a model can find vulnerabilities, reverse-engineer incidents, and exploit web-based applications.”
SINGLE SOURCE
This specific detail about outperforming Mythos on CTF tasks is mentioned in one web search result, but not corroborated by other independent sources provided in the evidence.
travel_explore
web search NEUTRAL — OpenAI Global, LLC is an American artificial intelligence (AI) research organization consisting of a for-profit public benefit corporation (PBC) and a nonprofit foundation, headquartered in San Franci…
https://en.wikipedia.org/wiki/OpenAI
travel_explore
web search NEUTRAL — ChatGPT is your AI chatbot for everyday use. Chat with the most advanced AI to explore ideas, solve problems, and learn faster.
https://chatgpt.com/
travel_explore
web search NEUTRAL — Mar 14, 2023 · GPT-4 is more creative and collaborative than ever before. It can generate, edit, and iterate with users on creative and technical writing tasks, such as composing songs, writing screen…
https://openai.com/index/gpt-4/
info
“When Mythos was announced, Anthropic estimated it would be another six to 18 months before another AI company released a model with similar cyber capabilities.”
SINGLE SOURCE
The 18-month window estimate is mentioned in one specific web search result regarding the April 2026 announcement, but not corroborated by other independent sources.
travel_explore
web search NEUTRAL — Before Mythos, no AI model had ever successfully completed that test. GPT-5.5 also outperformed Mythos on a range of capture-the-flag tasks that test how well a model can find vulnerabilities, reverse…
https://www.axios.com/2026/05/05/openai-anthropic-mythos-cyb…
travel_explore
web search NEUTRAL — In April 2026, Anthropic announced a model it had built and then decided not to release. Claude Mythos Preview.If attackers will eventually have this capability, defenders need it first. Anthropic est…
https://www.chandravanshi.org/en/quantum-computing-ai/claude…
travel_explore
web search NEUTRAL — Anthropic released Claude Mythos Preview on April 7, 2026, and simultaneously announced the public can't access it.
https://www.humai.blog/claude-mythos-is-the-most-capable-ai-…
check_circle
“Anthropic has given access to Mythos to only around 40 organizations, including the 12 members of its information-sharing partnership Project Glasswing.”
CORROBORATED
Multiple sources confirm access is limited to around 40 organizations and mentions Project Glasswing, including a direct reference to Anthropic's own Project Glasswing page.
travel_explore
web search NEUTRAL — Anthropic has given access to Mythos to only around 40 organizations, including the 12 members of its information-sharing partnership Project Glasswing.
https://www.axios.com/2026/05/05/openai-anthropic-mythos-cyb…
travel_explore
web search NEUTRAL — Several tech giants have been given access to Mythos via an initiative called Project Glasswing, designed to strengthen resilience to Mythos itself. But others point out that it is in Anthropic's inte…
https://www.bbc.com/news/articles/crk1py1jgzko
travel_explore
web search NEUTRAL — We have also extended access to a group of over 40 additional organizations that build or maintain critical software infrastructure so they can use the model to scan and secure both first-party and op…
https://www.anthropic.com/glasswing
check_circle
“OpenAI... is only giving access to models with fewer guardrails to vetted cyber defenders through its Trusted Access program.”
CORROBORATED
Multiple sources confirm that OpenAI provides models with reduced guardrails to vetted cyber defenders via the Trusted Access program.
travel_explore
web search NEUTRAL — By deploying OpenAI’s Trusted Access for Cyber and GPT-5.5, we are giving defenders at Snyk the capability they need to protect critical supply chains. This partnership isn’t just a milestone; it’s a …
https://openai.com/index/gpt-5-5-with-trusted-access-for-cyb…
travel_explore
web search NEUTRAL — OpenAI has placed strict guardrails on the public versions of its models and is only giving access to models with fewer guardrails to vetted cyber defenders through its Trusted Access program.
https://www.axios.com/2026/05/05/openai-anthropic-mythos-cyb…
travel_explore
web search NEUTRAL — OpenAI's GPT-5.5-Cyber gives vetted cyber defenders reduced guardrails for red teaming, malware analysis, and patch validation workflows.
https://crypto.news/openai-targets-cyber-defenders-with-gpt-…
help
“Last week, the Wall Street Journal reported that the White House had urged Anthropic not to broaden access to Mythos over national security concerns.”
INSUFFICIENT EVIDENCE
No evidence was found in the provided search results to support or refute the claim about the Wall Street Journal reporting on White House urges to Anthropic.
help
“OpenAI has been helping federal agencies, state and local governments, and international allies sign up for its program that gives cyber defenders access to cyber-permissible versions of GPT-5.4 and 5.5.”
INSUFFICIENT EVIDENCE
No evidence was found in the provided search results regarding OpenAI helping federal/state/international agencies sign up for cyber-permissible versions of GPT-5.4 and 5.5.
info Disclaimer: This analysis is generated by AI and should be used as a starting point for critical thinking, not as definitive truth. Claims are verified against publicly available sources. Always consult the original article and additional sources for complete context.