OpenAI rolls out cybersecurity models rivaling Anthropic's Mythos as White House stays quiet

OpenAI quietly shipped two cybersecurity-focused AI models in recent months that perform on par with Anthropic’s Claude Mythos, the very system that drew a pointed intervention from the Trump administration. The difference: nobody in Washington seems to care this time.

That selective silence is the real story. Two companies built functionally similar tools for finding and exploiting software vulnerabilities. One got slapped with foreign-national access restrictions. The other got handed contracts with major UK banks.

What OpenAI actually built

OpenAI launched GPT-5.4-Cyber in April 2026 and followed up with GPT-5.5-Cyber in May. Both models are purpose-built for vulnerability discovery, binary reverse engineering, and automated patching, essentially the same capability set that made Anthropic’s Mythos simultaneously impressive and controversial.

The models are distributed through OpenAI’s “Trusted Access for Cyber” program, or TAC. The program vets security teams before granting access, but its approach is notably broader than Anthropic’s Project Glasswing, which restricts distribution more tightly due to concerns about offensive hacking applications.