#cybersecurity

r/singularity did not stop at the number 271. The thread focused on what it means if large codebases enter an era of near-continuous AI-assisted patching.

HN treated “AI cybersecurity is not proof of work” as a serious argument about search, model capability, and security asymmetry. The thread pushed past hype into a harder question: when an LLM flags a bug, did it understand the exploit path or just sample a suspicious pattern?

OpenAI is widening access to GPT-5.4-Cyber through verified cyber-defense channels, with $10 million in API credits and government evaluation access attached. The real story is the access model: stronger cyber capability is being paired with identity checks, tiered trust, and accountability rather than a simple public release.

OpenAI’s Trusted Access for Cyber is moving from access policy to ecosystem buildout. The April 16 update names major banks and security vendors, commits $10 million in API credits, and gives GPT-5.4-Cyber access to U.S. and UK AI security evaluators.

Why it matters: OpenAI is widening access to a more cyber-permissive model instead of leaving advanced defensive workflows inside a tiny pilot. The April 14 post says top Trusted Access tiers can request GPT-5.4-Cyber, and the linked policy says TAC is being expanded to thousands of defenders and hundreds of teams.

Artemis came out of stealth with $70 million and a bet that defenders need an AI-native security brain, not more alert noise. The startup says it has already closed several seven-figure deals and expects multi-million-dollar ARR before the end of 2026.

Reuters’ new Mythos analysis argues banks are staring at a timing problem, not a distant risk. Officials in the U.S., Canada, and Britain have already met with banking leaders, and Anthropic says the model found thousands of high and critical vulnerabilities.

The notable shift here is not just a new model variant but a wider access lane for defensive security work. OpenAI says Trusted Access for Cyber is expanding to thousands of verified individual defenders and hundreds of teams, with the top tiers able to request GPT-5.4-Cyber.

OpenAI is separating defensive cyber use from broad model access: verified individuals and vetted teams can now reach a cyber-permissive GPT-5.4 variant with binary reverse engineering support. The move matters because TAC is expanding from a narrow program to thousands of defenders and hundreds of teams.

A Reddit thread pulled attention to AISI’s latest Mythos Preview evaluation, which shows a step change not just on expert CTFs but on multi-stage cyber ranges. The important claim is not generic danger rhetoric, but that Mythos became the first model to complete a 32-step corporate attack simulation end to end.

Anthropic unveiled Project Glasswing on April 7, 2026, giving major tech and security partners access to Claude Mythos Preview for defensive vulnerability discovery. The company says the model has already found thousands of high-severity flaws and is backing the effort with up to $100 million in usage credits and $4 million in open-source donations.

In a 1247-point Hacker News thread, AISLE argued that small open-weight models can recover much of Mythos-style exploit analysis when the context is tightly scoped, and the comments pushed back hard on the methodology.