In brief
- OpenAI released GPT-5.5-Cyber, a model designed to help find and fix software vulnerabilities faster than previous versions.
- It outperforms Anthropic’s Mythos on key benchmarks, while Mythos faces a U.S. government ban over national security concerns.
- The model is being released to trusted defenders with controls, in contrast to Anthropic’s more restricted approach.
OpenAI's cybersecurity model just beat the Anthropic Mythos AI model that the U.S. government yanked offline—and it's still up and running.
On June 22, OpenAI announced the full launch of GPT-5.5-Cyber as part of its Daybreak cyber defense program. On CyberGym—a benchmark developed at UC Berkeley that presents AI agents with 1,507 known software vulnerabilities from 188 open-source projects and scores them on how many they can reproduce in a controlled environment—the updated model reached 85.6%.
Anthropic's Mythos 5 sits at 83.8% on the same leaderboard. Claude Opus 4.7, Anthropic's more broadly available model, scored 73.1%.
A less-than-two-point gap on any benchmark would normally be unremarkable. The context here is not. Anthropic's Mythos 5 and Fable 5 were pulled offline on June 12 after the Donald Trump administration issued an emergency export control directive citing national security.
The government pointed to a jailbreak—a technique for bypassing an AI model's built-in safety limits, similar to finding a master key that unlocks a high-security door. Anthropic had no reliable way to verify user nationality at scale, so it disabled both models for everyone, everywhere.
Some of the damage was self-inflicted. Anthropic spent months describing Mythos as one of the most capable—and most dangerous—AI models ever built, warning in its own launch documentation that its cybersecurity abilities could cause serious harm without the right restrictions. Anthropic CEO Dario Amodei published an essay on June 10 comparing frontier AI models to aircraft that safety regulators should be able to ground if they fail audits.
A few days later, the government grounded Anthropic's aircraft.
It wasn't the only alarm that week. Anthropic had already come under fire over a hidden filter in Fable 5 that silently degraded the model's outputs for users it suspected of building competing AI—without telling them—and was forced to apologize and reverse the policy.
A different playbook
While Anthropic negotiates with the Commerce Department and continues its lawsuit against the Trump administration, OpenAI is extending its reach. Daybreak has signed cybersecurity partnerships with Australia, Canada, France, Germany, Japan, South Korea, and EU institutions including the European Union Agency for Cybersecurity.
Twenty-eight security firms—including CrowdStrike, Cisco, and Cloudflare—have joined its Cyber Partner Program to embed GPT-5.5 into their products for vetted customers. Per OpenAI's own blog, Codex Security tool has scanned over 30 million commits across 30,000 codebases and logged more than 500,000 fixed vulnerabilities since launching in March.
The company is also expanding a partner program so security firms can integrate these capabilities into their own tools, and it launched “Patch the Planet,” an initiative to help fix vulnerabilities in widely used open-source projects.
That said, GPT-5.5-Cyber is not for general use. It's available only to verified security professionals, and OpenAI ran pre-deployment tests with federal agencies—including the Center for AI Standards and Innovation and the Office of the National Cyber Director—before launch. That's the same restricted-access approach Anthropic attempted with Mythos, but OpenAI cleared its approach with the government first.
As of June 23, Fable 5 and Mythos 5 remain offline—eleven days into a suspension with no official restoration date from Anthropic or the Commerce Department.