Unlock the Editor’s Digest for free
Roula Khalaf, Editor of the FT, selects her favourite stories in this weekly newsletter.
OpenAI has released a model focused on cyber security to a select group of customers, a week after a similar move by rival Anthropic, amid rising concern about AI’s ability to exploit software vulnerabilities.
The model, called GPT-5.4-Cyber, is designed to autonomously find flaws or bugs in software, alerting cyber security professionals to fix the issues before they are exploited by bad actors.
Its launch on Tuesday comes a week after rival Anthropic released its Mythos model, which has similar capabilities, to a small number of organisations.
AI labs are concerned that these powerful new models could help hackers and render many current cyber security defences obsolete. The launch of Anthropic’s model also knocked software stocks as investors were spooked by how such tools would affect the sector.
“Cyber risk is already here and accelerating, but we can act,” OpenAI said in a blog announcing its model. “Digital infrastructure has already been vulnerable for years, before advanced AI even came along.”
Anthropic has said Mythos has already detected thousands of severe vulnerabilities, including in “every major operating system and web browser”, some of which had been undetected for decades.
An earlier OpenAI cyber security product called Codex Security, released in March, had contributed to fixing more than 3,000 critical and high-priority vulnerabilities, the company said.
GPT-5.4-Cyber has been trained to have fewer restrictions than generally available OpenAI models in order to increase its abilities.
Both Anthropic and OpenAI have said these tools can help as a line of defence against hackers, who are using AI to find and exploit cyber weaknesses.
The AI cyber security arms race has caused concern among governments and financial institutions.
Last week, US Treasury secretary Scott Bessent and Federal Reserve chair Jay Powell summoned some of the largest US banks to discuss the cyber risks Mythos posed. Financial regulators and banks have also discussed the model.
OpenAI on Tuesday said its new model would be released to members of a trusted access programme for cyber security that it created in February. Customers and professionals are vetted and go through a security process before being granted access to the programme.
“Our goal is to make these tools as widely available as possible while preventing misuse,” it added. OpenAI said the new model was available only to the highest tier of the programme, but it would seek to expand access in future. The company has not yet disclosed any of its partners.