Who Gets the Power First
Researchers and technology leaders who have tested Anthropic’s Mythos and OpenAI’s GPT-5.5 say the models’ hacking capabilities are advancing much faster than expected, with the United Kingdom’s AI Security Institute finding that Mythos can fully take over a corporate network in six out of 10 attempts and GPT-5.5 can do the same in three out of 10 tries. That is the kind of machine-made leverage that lands first in the hands of institutions, not ordinary people, while the rest of society is left to absorb the fallout.
British AI Minister Kanishka Narayan said in a statement provided to POLITICO that cyber capabilities in leading AI systems are advancing much faster than expected. The statement reads like a warning from the top of the apparatus after the apparatus has already helped build the thing it now fears.
Anthropic and OpenAI have spent the last month touting the hacking capabilities of their new artificial intelligence models, and researchers with access to the tools say they are not exaggerating. POLITICO spoke to nine of the nation’s top cyber researchers and tech leaders who have experimented with Mythos and GPT-5.5 in a controlled setting, and all of them came to the same conclusion that the tools are advancing much faster than anticipated and will change the digital security landscape forever.
What the Gatekeepers Are Saying
Lee Klarich, chief product and technology officer at cybersecurity company Palo Alto Networks, said testing Mythos was a game-changer. He said, “It was very clear to me that this was going to be a game-changer,” and added, “I would actually say if you asked me today, it’s more [powerful] than I thought it was going to be then.” Isaac Evans, CEO of cybersecurity company Semgrep, said Mythos “exceeded our expectations.” Evans said, “The model’s not superhuman across all dimensions, but at least in some narrow cases, it’s really demonstrating an uncanny ability around exploit generation.” He added that some described Mythos as capable of generating “a SolarWinds every quarter,” referring to the Russian government’s breach of U.S. federal agencies in 2020, which is widely regarded as one of the worst hacks in history and affected more than 18,000 organizations worldwide through compromised software.
Jonathan Trull, chief information security officer of IT security company Qualys, which is testing GPT-5.5, said the model “can basically do what your most advanced app security engineer can do.” Cloudflare Chief Security Officer Grant Bourzikas said in a blog post published this week that Mythos can both identify vulnerabilities and write code to exploit them, marking a “real step forward” for this type of advanced AI technology. Broadcom, which has been testing Mythos against its own software code, described its findings as “jolting” in a report published last month. The report said, “We are learning things that appear unlikely to ever have been uncovered by human researchers alone.”
Anthropic said at the time of Mythos’ announcement last month that the model had “already found thousands of high-severity vulnerabilities, including some in every major operating system and web browser,” and warned that the consequences of setting the technology loose could be “severe” for global economies, public safety and national security. The companies have kept testing of their frontier AI models limited to small groups of trusted organizations because of the technologies’ advanced cyber capabilities, which have so far outpaced other publicly available digital tools and even the most skilled human minds.
Who Pays for the Race
The article says government agencies, congressional committees, banks and regulators have been clamoring for access in recent weeks so they can secure critical networks before adversaries get their hands on the technology to launch devastating cyberattacks. The scramble shows the familiar pattern: those with the least control over the systems are expected to live with the risks created by those who build and deploy them.
It also says concerns are rising that China and other adversaries could soon develop their own advanced AI tools, and that China has launched an industrial-scale campaign to copy American AI technology in so-called distillation attacks. The competition is framed as a geopolitical race, but the people below the corporate and state layers are the ones who will face the damage when these tools are turned loose.
The Trump administration is described as acutely aware of these dangers and scrambling to work with tech companies, government agencies and critical infrastructure groups to figure out how to deploy these tools quickly and safely before the clock runs out. President Donald Trump abruptly postponed signing an executive order earlier this week that would have established a voluntary process for tech companies to submit certain AI models to the federal government for testing. Former AI czar David Sacks raised concerns about the executive order stifling innovation with Trump at the last minute, plunging the process into chaos. Trump told POLITICO on Friday that he had “many” concerns about the draft executive order and worried it was “inhibiting the industry.” It is unclear when the executive order will be signed.
The Limits of Their Fixes
The article also says advanced AI tools could be a game-changer for cyber officials who secure critical networks across water facilities, hospitals and telecommunication networks because AI models could allow coders to check for bugs in new software before release rather than waiting until after they have been exploited to fix issues. Klarich said, “There’s a future state where we will actually be producing more secure products, more secure code as opposed to having to remediate things that are already released.” He added that defenders could try to leverage strengths demonstrated by various AI models, including Mythos and GPT-5.5, to create a “multi-model architecture” to secure their networks.
Evans said, “These model developments mainly are advantages for attackers rather than defenders.” That line cuts through the polished language of “security” and “innovation”: the tools are being built in a system where the same institutions that profit from the race are also the ones asking for permission to manage the consequences after the fact.