OpenAI Opens GPT-5.5-Cyber to EU Defenders While Anthropic Keeps Mythos Restricted

EU Cyber Action Plan Opens Defensive AI Access

OpenAI announced on May 11, 2026 the OpenAI EU Cyber Action Plan, extending its Trusted Access for Cyber (TAC) program to European businesses, governments, cyber authorities, and EU institutions. Vetted defenders can access GPT-5.5 with fewer restrictions than the public model; the highest tier unlocks GPT-5.5-Cyber, a variant tuned for vulnerability identification, malware analysis, reverse engineering, and patch validation.

What GPT-5.5-Cyber Is (and Is Not)

GPT-5.5-Cyber is not more capable than standard GPT-5.5 in general tasks. It is more permissive for authorized security work. The TAC program verifies user credentials and restricts access to justified defensive use cases, channeling offensive-capable AI toward protective purposes.

The Mythos Contrast

Anthropic has taken the opposite approach. Claude Mythos Preview remains strictly invitation-only through Project Glasswing, limited to 12 founding organizations and roughly 40 vetted critical-infrastructure operators globally. UK AI Security Institute (AISI) testing found GPT-5.5 scored 71.4% on expert-level cybersecurity tasks, slightly above Mythos at 68.6%.

Cyber Capability as an Emergent Byproduct

AISI found that GPT-5.5 completed a simulated 32-step corporate cyberattack in 2 of 10 attempts, a task estimated to take a human expert 20 hours. Researchers noted that cyberattack capabilities appear to emerge as a byproduct of improvements in coding and reasoning rather than deliberate design, a pattern with significant implications for AI safety governance. Source: eWeek