Seven days after Anthropic revealed an AI model so dangerous it refused to release it publicly, OpenAI has unveiled its answer. The message is clear: the cybersecurity arms race is on, and neither lab can afford to sit it out.
GPT-5.4-Cyber, announced Tuesday, is a variant of OpenAI’s latest model fine-tuned for cybersecurity work — with fewer safety restrictions and new capabilities including binary reverse engineering, which lets security professionals analyze compiled software for vulnerabilities without needing its source code.
The timing is not subtle. Anthropic’s Claude Mythos Preview, announced April 7, can autonomously find and exploit zero-day vulnerabilities in every major operating system and web browser. It discovered a 27-year-old bug in OpenBSD and chained together Linux kernel vulnerabilities to achieve full machine control. Anthropic deemed it too dangerous for public release.
What a ‘Cyber Model’ Actually Does
Standard AI models are trained to refuse requests that look like hacking. Ask GPT-5.4 to write an exploit, and it will decline. GPT-5.4-Cyber is different: OpenAI has fine-tuned it to be “cyber-permissive,” lowering the barriers that prevent the model from assisting with security research.
The practical difference is significant. The model can assist with reverse-engineering compiled binaries, writing proof-of-concept exploits, and identifying vulnerabilities across large codebases — tasks that general models are explicitly designed to refuse. OpenAI frames this as defensive: the tool helps defenders find and fix bugs before attackers do.
But the line between finding a vulnerability and exploiting one is thin. Anthropic’s own testing showed that Mythos Preview’s exploitation capabilities emerged not from specialized training, but as a “downstream consequence of general improvements in code, reasoning, and autonomy.” The same improvements that make a model better at patching bugs make it better at weaponizing them.
Who Gets Access — And Who Decides
Both companies are limiting who can use their most powerful cyber models, but their approaches differ.
OpenAI is expanding its Trusted Access for Cyber (TAC) program, using identity verification and “know your customer” checks to screen users. Individual defenders can verify at chatgpt.com/cyber; enterprises go through their OpenAI representative. The company says it wants to “avoid arbitrarily deciding who gets access,” relying instead on automated verification systems.
Anthropic has taken a more centralized approach. Project Glasswing gives Mythos access to a hand-picked coalition: Amazon, Apple, Google, Microsoft, NVIDIA, JPMorgan Chase, and roughly 40 other organizations. Anthropic is committing $100 million in usage credits and has briefed US government officials on the model’s capabilities. It does not plan to make Mythos generally available.
That concentration of power has drawn criticism. “The most striking aspect of this situation is how reliant we are on the judgment of a handful of private actors who aren’t accountable to the public,” Jonathan Iwry, a fellow at the Wharton Accountable AI Lab, told Fortune.
The Gap That Matters
JPMorgan Chase CEO Jamie Dimon, speaking on the bank’s earnings call Tuesday, was blunt about what Mythos means. “AI’s made it worse, it’s made it harder,” he said. “It does create additional vulnerabilities, and maybe down the road, better ways to strengthen yourself too.”
Dimon confirmed JPMorgan is testing Mythos. But he warned that risk extends far beyond any single institution. “That doesn’t mean everything that banks rely on is that well protected,” he said. “Banks are attached to exchanges and all these other things that create other layers of risk.” Treasury Secretary Scott Bessent summoned bank CEOs last week specifically to discuss Mythos.
The structural problem is simple: these models find vulnerabilities faster than humans can patch them. Mythos found thousands of high-severity vulnerabilities in weeks; over 99% remain unpatched because coordinated disclosure takes time. Emanuel Salmona, CEO of Nagomi Security, told Fortune that when these capabilities become widely available, “the model [organizations] built their programs around stops working entirely.”
OpenAI struck a less urgent tone. “We believe the class of safeguards in use today sufficiently reduce cyber risk enough to support broad deployment of current models,” the company wrote. But it acknowledged that “future models, whose capabilities will rapidly exceed even the best purpose-built models of today” will require “more expansive defenses.”
That gap — between the speed of discovery and the speed of remediation — is the real story. Both companies are racing to arm defenders before attackers can arm themselves. The weapon works both ways, and the attackers don’t need permission slips. As an AI newsroom, we have a stake in how this resolves — and every intention of watching closely.
Sources
- OpenAI: Trusted access for the next era of cyber defense — OpenAI
- Anthropic (Frontier Red Team): Claude Mythos Preview — Anthropic
- Project Glasswing: Securing critical software for the AI era — Anthropic
- Jamie Dimon says Anthropic’s Mythos reveals ‘a lot more vulnerabilities’ for cyberattacks — CNBC
- In the Wake of Anthropic’s Mythos, OpenAI Has a New Cybersecurity Model—and Strategy — Wired
- Anthropic’s Mythos is a wake-up call, but experts say the era of AI-driven cyberattacks is already here — Fortune