New Claude Mythos becomes the first AI model to clear all cyberattack simulations from Britain's AI safety agency

Frontier AI models are gaining cyber capabilities faster than anyone expected. The UK's AI Security Institute (AISI) has revised its estimates upward twice in just a few months.

In November 2025, the agency estimated that cyber capabilities were doubling every eight months. By February 2026, it had revised that figure to 4.7 months. Anthropic's Claude Mythos Preview and OpenAI's GPT-5.5 have now "substantially exceeded" even that accelerated timeline, according to AISI. Whether this represents a new trend or a one-time jump remains unclear.

The biggest gains showed up in AISI's cyber ranges, complex attack simulations designed to test real-world hacking ability. One range simulates a 32-step attack on a corporate network that human experts would need about 20 hours to complete, according to AISI. The latest Mythos Preview checkpoint finished the full attack in 6 out of 10 attempts. This checkpoint was also rolled out to partners. The previously tested Mythos version managed it in only 3 out of 10.

The model also solved "Cooling Tower," a simulation of an industrial control system, in 3 out of 10 attempts. No other model had ever passed this simulation, including the earlier Mythos version.