OpenAI has begun the rollout of GPT-5.5-Cyber, an AI model focused on cybersecurity, aiming to deliver it to “critical cyber defenders” within days. This initiative follows Anthropic’s announcement of Claude Mythos Preview, a model found to autonomously discover numerous software vulnerabilities, which was deemed too dangerous for public release.
CEO Sam Altman stated, “We’re starting rollout of GPT-5.5-Cyber to critical cyber defenders in the next few days.” He emphasized collaboration with the government and the broader ecosystem to ensure trusted access and security for companies and infrastructure.
we're starting rollout of GPT-5.5-Cyber, a frontier cybersecurity model, to critical cyber defenders in the next few days.
we will work with the entire ecosystem and the government to figure out trusted access for cyber; we want to rapidly help secure companies/infrastructure.
— Sam Altman (@sama) April 30, 2026
The rollout is part of a comprehensive cybersecurity action plan by OpenAI, structured around five key pillars: democratizing access to cyber defense tools, coordinating with government and industry, enhancing safeguards around advanced capabilities, ensuring deployment visibility, and enabling user self-protection. The new model builds on GPT-5.4-Cyber, which was introduced in mid-April as part of OpenAI’s Trusted Access for Cyber program, alongside $10 million in API grants for vetted security organizations.
In contrast to Anthropic’s more limited approach, which restricted Mythos to around 50 organizations in a controlled program, OpenAI plans to distribute GPT-5.5-Cyber more broadly. The model will be made available through the Trusted Access for Cyber (TAC) program to government entities, critical infrastructure operators, security vendors, cloud platforms, and financial institutions.
Anthropic’s model, Claude Mythos Preview, announced earlier in April, demonstrated advanced capabilities by discovering thousands of new zero-day vulnerabilities. It autonomously created exploits, showcasing improvements in reasoning and coding capabilities, including constructing a full browser exploit and a FreeBSD remote code execution exploit through complex vulnerability chaining.
While Anthropic has committed up to $100 million in usage credits and $4 million in donations to open-source security organizations, it has stated that Mythos will not be publicly available. Subsequently, the company released a less capable model, Claude Opus 4.7, whose cybersecurity features are “not as sophisticated” as those of Mythos.
OpenAI has yet to publish technical benchmarks comparing GPT-5.5-Cyber to Mythos. The base model received a “High” rating on OpenAI’s cybersecurity risk scale, falling below the “Critical” threshold needed for developing zero-day exploits autonomously without human intervention. The effectiveness of the Cyber-specific variant in closing this gap remains uncertain, as leading security professionals express concerns that the ability to find software flaws at scale is increasingly difficult to contain.
