UK AISI finds OpenAI's GPT-5.5 reaches frontier cyber parity with Anthropic's gated Mythos model
The UK AI Security Institute's evaluation of OpenAI's GPT-5.5 cyber capabilities—published April 30, 2026 and amplified through mid-to-late May, including a May 25 New York Times profile—found that GPT-5.5 had reached fr.
VERDICT — CONFIRMED

The UK AI Security Institute's evaluation of OpenAI's GPT-5.5 cyber capabilities—published April 30, 2026 and amplified through mid-to-late May, including a May 25 New York Times profile—found that GPT-5.5 had reached frontier-level offensive-cyber performance, matching Anthropic's gated Claude Mythos Preview. On AISI's expert-tier suite (tasks reflecting 10+ years of experience), GPT-5.5 averaged a 71.4% pass rate (±8.0%), versus 68.6% (±8.7%) for Mythos Preview, 52.4% (±9.8%) for GPT-5.4, and 48.6% (±10.0%) for Opus 4.7. GPT-5.5 also became the second model ever to complete 'The Last Ones' (TLO)—a 32-step corporate network-intrusion simulation built with SpecterOps that spans four subnets and roughly twenty hosts and would take a human expert about 20 hours—solving it end-to-end in 2 of 10 attempts; Mythos Preview, the first to solve TLO, did so in 3 of 10.
The result is significant because it shows offensive-cyber capability that Anthropic deemed dangerous enough to withhold from public release is now matched by a model OpenAI shipped as ChatGPT's default. Coverage noted a counterpoint: some outlets reported the models' broader agentic reasoning still 'falters' outside structured cyber tasks. The finding intensified policy debate—AISI's red team separately showed a leading model could be coaxed into hazardous instructions—and informs both the EU AI Act's systemic-risk testing regime and the US executive order's classified cyber-benchmarking process.
Figures are AISI-reported with stated standard errors.


