OpenAI’s GPT-5.5-Cyber Tops Anthropic’s Mythos on CyberGym

OpenAI on June 22 launched GPT-5.5-Cyber as part of its Daybreak cyber defense program. The company described the model as designed to help find and fix software vulnerabilities and made it available only to verified security professionals.

The model scored 85.6% on UC Berkeley’s CyberGym benchmark, which tests AI agents against 1,507 known software vulnerabilities taken from 188 open-source projects. Anthropic’s Mythos 5 scored 83.8% on the same benchmark; another Anthropic model, Claude Opus 4.7, scored 73.1%.

OpenAI released GPT-5.5-Cyber after pre-deployment testing with federal bodies, including the Center for AI Standards and Innovation and the Office of the National Cyber Director. Access is restricted to vetted defenders and partners under usage controls and oversight.

Anthropic removed Mythos 5 and Fable 5 from public access on June 12 following an emergency export-control directive from the U.S. Commerce Department. Officials cited a jailbreak technique that bypassed the models’ safety limits and raised national security concerns. Anthropic said it could not reliably verify user nationality at scale and disabled the models for all users while it negotiates with regulators; the company has also filed a lawsuit. As of June 23, both models remained offline with no restoration date announced.

Daybreak has formed cybersecurity agreements with governments including Australia, Canada, France, Germany, Japan and South Korea, and with EU institutions such as the European Union Agency for Cybersecurity. Twenty-eight security firms, including CrowdStrike, Cisco and Cloudflare, joined OpenAI’s Cyber Partner Program to integrate GPT-5.5 capabilities into products for vetted customers.

OpenAI reported that its Codex Security tool has scanned more than 30 million commits across roughly 30,000 codebases and logged over 500,000 fixed vulnerabilities since launching in March. The company also launched an initiative called Patch the Planet to help repair bugs in widely used open-source projects.

OpenAI emphasized that GPT-5.5-Cyber is not for general use and is intended for verified security professionals operating under controls and oversight. The company said it cleared its approach with government reviewers before the limited release.

Anthropic CEO Dario Amodei wrote that frontier AI models are comparable to aircraft that regulators should be able to ground if they fail safety audits.

Anthropic is negotiating with the Commerce Department and continuing its lawsuit while OpenAI is expanding partnerships and restricted deployments for GPT-5.5-Cyber.