OpenAI Opens GPT-5.5-Cyber to EU Defenders While Anthropic Keeps Mythos Restricted
EU Cyber Action Plan Opens Defensive AI Access
OpenAI announced on May 11, 2026 the OpenAI EU Cyber Action Plan, extending its Trusted Access for Cyber (TAC) program to European businesses, governments, cyber authorities, and EU institutions. Vetted defenders can access GPT-5.5 with fewer restrictions than the public model; the highest tier unlocks GPT-5.5-Cyber, a variant tuned for vulnerability identification, malware analysis, reverse engineering, and patch validation.
What GPT-5.5-Cyber Is (and Is Not)
GPT-5.5-Cyber is not more capable than standard GPT-5.5 in general tasks. It is more permissive for authorized security work. The TAC program verifies user credentials and restricts access to justified defensive use cases, channeling offensive-capable AI toward protective purposes.
The Mythos Contrast
Anthropic has taken the opposite approach. Claude Mythos Preview remains strictly invitation-only through Project Glasswing, limited to 12 founding organizations and roughly 40 vetted critical-infrastructure operators globally. UK AI Security Institute (AISI) testing found GPT-5.5 scored 71.4% on expert-level cybersecurity tasks, slightly above Mythos at 68.6%.
Cyber Capability as an Emergent Byproduct
AISI found that GPT-5.5 completed a simulated 32-step corporate cyberattack in 2 of 10 attempts, a task estimated to take a human expert 20 hours. Researchers noted that cyberattack capabilities appear to emerge as a byproduct of improvements in coding and reasoning rather than deliberate design, a pattern with significant implications for AI safety governance. Source: eWeek
Related Articles
After Trump ordered federal agencies to stop using Anthropic AI, the Pentagon designated the firm a national security supply chain risk—and OpenAI secured a competing Defense Department agreement within hours.
The U.S. Department of Defense finalized AI deployment agreements with OpenAI, Google, Microsoft, AWS, NVIDIA, SpaceX, Reflection AI, and Oracle for its most classified networks. Anthropic was excluded after refusing to allow Claude to be used for purposes including autonomous weapons and mass surveillance.
OpenAI's new EU Cyber Action Plan grants vetted European cybersecurity teams access to GPT-5.5-Cyber, a defensive variant of its latest model tuned for vulnerability research and malware analysis. Anthropic continues to restrict its more powerful Mythos model over exploitation concerns.