The battle between OpenAI and Anthropic is entering a new phase. Following the global release of Claude Fable 5 and Mythos 5, Anthropic has reclaimed its position in the race for the most advanced cybersecurity models. OpenAI responded immediately with GPT-5.5-Cyber, a model touted as its most powerful system for cybersecurity, which now leads the CyberGym benchmark with a score of 85.6%, ahead of Mythos 5 (83.8%).1
The landscape has changed dramatically. Whereas debates recently centered on the temporary suspension of Mythos 5 and government oversight of the most powerful AIs, the competition has now shifted back to the technological arena. Both labs now have their most advanced models, and cybersecurity is becoming, more than ever, a strategic field where performance, digital sovereignty, and national security are intertwined.
The timing is no coincidence. Just as the return of Mythos 5 temporarily brings the chapter on U.S. restrictions to a close, OpenAI has chosen this very moment to unveil GPT-5.5-Cyber. With a higher score on CyberGym, the company is clearly asserting its ambition to take the lead in cybersecurity-specialized AI.
Behind the performance figures, a much broader competition is taking shape, one that involves national security, digital sovereignty, the protection of critical infrastructure, and technological dominance.
GPT-5.5-Cyber Takes First Place in a Strategic Benchmark
OpenAI’s announcement is based on a benchmark that is closely watched in the cybersecurity sector: the CyberGym benchmark. Developed by the University of California, Berkeley, this test evaluates the ability of artificial intelligence models to identify, understand, and fix real vulnerabilities found in open-source projects.2
Unlike many academic benchmarks, which are often criticized for being too theoretical, CyberGym is based on 1,507 real-world vulnerabilities drawn from 188 software projects used around the world. The models must be able to understand the origin of a vulnerability, explain its potential impact, and propose an appropriate fix.
According to OpenAI, GPT-5.5-Cyber achieved a score of 85.6%, compared to 83.8% for Mythos 5.1 The difference may seem modest, but in a field where every percentage point of performance potentially represents hundreds of additional vulnerabilities detected, this improvement is far from negligible.
What's more, this achievement comes just as Mythos 5 has regained global availability. GPT-5.5-Cyber thus takes the lead in CyberGym just as its main competitor returns to the market, immediately reigniting the competition between OpenAI and Anthropic.
Cybersecurity Is Becoming the New Battleground for AI Giants
For several years, competition among artificial intelligence labs has centered on general-purpose models capable of writing text, generating code, or producing images. Today, priorities are shifting.
Specialized models are gradually becoming strategic assets.
Following models designed for scientific research, biology, and software engineering, cybersecurity is now emerging as one of the most critical fields. Businesses, public agencies, and governments are seeking tools capable of detecting vulnerabilities before they are exploited by cybercriminals or hostile state actors.
In this context, GPT-5.5-Cyber and Mythos 5 represent much more than just commercial products. They embody a new generation of artificial intelligence designed to protect the digital infrastructure that has become essential to the functioning of modern economies.
The Mythos 5 case has, in fact, demonstrated just how much these technologies are now considered strategic by governments.
Detecting a vulnerability before hackers do: the promise of GPT-5.5-Cyber
OpenAI emphasizes a key point: GPT-5.5-Cyber was not designed to automate cyberattacks.
The company presents its model as a defensive tool designed to assist security teams in their day-to-day work. Specifically, the AI is capable of analyzing source code, identifying potential vulnerabilities, explaining how they work, and suggesting appropriate fixes.1
The model can also trace the origin of a flaw, assess its severity, and generate the information needed for human validation.
This approach perfectly illustrates the current approach to AI in cybersecurity. The goal is not to replace experts but to increase their efficiency. In many organizations, analysts still spend several hours manually reviewing alerts or potentially vulnerable portions of code. Systems like GPT-5.5-Cyber could significantly reduce this analysis time.
For OpenAI, the future of cybersecurity lies in this collaboration between human expertise and artificial intelligence.
Executive Training
AI & Data Science
s for Managers
Integrate AI into your business strategy. A 360° approach—Technology, Business, and Ethics—designed for decision-makers. Prerequisites: 5 years of managerial experience.
The return of Mythos 5 immediately reignites the competition
The launch of GPT-5.5-Cyber comes just a few days after another major announcement: Anthropic has restored global access to Claude Fable 5 and Mythos 5, following the lifting of U.S. restrictions on these models.3
For several weeks, Mythos 5 had become a symbol of the tensions between innovation and national security. U.S. authorities had temporarily restricted its international distribution in order to assess the risks associated with its advanced cybersecurity capabilities.
His return profoundly changes the situation. The question is no longer whether Mythos 5 can be used, but which lab will now offer the best cybersecurity model.
In this new context, OpenAI is no longer seeking to take advantage of its competitor’s absence. Instead, the company has chosen to go head-to-head with Anthropic on the basis of technical performance. With a higher score on CyberGym, GPT-5.5-Cyber now claims the top spot among models specialized in detecting and fixing vulnerabilities.
The rivalry between the two laboratories is thus shifting from the regulatory arena back to the realm of innovation.
Daybreak, Codex Security, and Patch the Planet: OpenAI’s cybersecurity ecosystem is taking shape
GPT-5.5-Cyber isn't coming alone.
OpenAI is using this announcement as an opportunity to strengthen its entire cybersecurity ecosystem. In particular, the company is developing Daybreak, a platform dedicated to software security and vulnerability analysis.1
Among the new features is Codex Security, a tool capable of automatically detecting, validating, and correcting certain vulnerabilities in software projects. OpenAI is also expanding its Cyber Partner Program, which allows specialized companies such as IBM to integrate GPT-5.5-Cyber into their own security solutions.
Finally, the company is continuing its “Patch the Planet” initiative, which aims to strengthen the security of critical open-source projects. According to OpenAI, several dozen patches have already been integrated into widely used software such as Python and cURL.1
This strategy shows that the company is not merely seeking to sell a high-performance model. It is gradually building a comprehensive platform dedicated to AI-powered cybersecurity.
Can AI really secure the Internet on a large scale?
Despite the impressive performance demonstrated by GPT-5.5-Cyber, several questions remain.
Benchmarks measure technical capabilities in a controlled environment. The reality of actual operations is often more complex. Modern IT infrastructures consist of millions of lines of code, a wide variety of configurations, and environments that are sometimes very different from laboratory conditions.
False positives, misinterpretations, and previously unknown vulnerabilities remain significant challenges. Experts regularly point out that no automated system can currently fully replace human analysis.
The actual effectiveness of GPT-5.5-Cyber will therefore depend on its adoption by security professionals and its ability to produce reliable results in complex environments.
The coming months will determine whether the performance observed on CyberGym actually translates into a tangible improvement in the security of computer systems.
Ethical Issues: Protecting Systems or Creating New Digital Weapons?
Like Mythos 5 before it, GPT-5.5-Cyber raises a fundamental question: Can an AI capable of detecting vulnerabilities be used exclusively for defensive purposes?
The issue is that of “dual use,” which is well known in the defense and cybersecurity sectors. A technology capable of quickly identifying a vulnerability can also enable a malicious actor to exploit it more quickly.
This ambiguity explains why governments are paying increasing attention to advances in specialized cybersecurity models. The Mythos 5 episode showed that public authorities were prepared to intervene when specialized models reached a level of capability deemed strategic. Even though the restrictions were ultimately lifted, this episode will likely stand as an important precedent in the international governance of cybersecurity AI.
A new battle is brewing between OpenAI and Anthropic
The arrival of GPT-5.5-Cyber confirms that the competition between OpenAI and Anthropic is entering a new phase. After the race to develop general-purpose models, the two companies are now competing in much more strategic areas: cybersecurity, critical infrastructure, scientific research, and sensitive technologies.
The return of Mythos 5 isn’t slowing down the competition—it’s accelerating it. OpenAI and Anthropic now both have top-tier models capable of assisting experts in detecting vulnerabilities, analyzing code, and securing critical infrastructure.
Behind this commercial rivalry lies a deeper shift: specialized models are gradually becoming strategic technologies on par with semiconductors, cloud infrastructure, and supercomputers. The next battle in artificial intelligence will no longer be fought solely over conversational assistants. It will now pit models against one another that are capable of protecting critical infrastructure, assisting cybersecurity teams, and—perhaps in the future—becoming key players in the digital defense of governments and businesses.
How does GPT-5.5-Cyber work?
GPT-5.5-Cyber is a specialized artificial intelligence model designed by OpenAI to assist cybersecurity professionals in identifying, analyzing, and fixing software vulnerabilities. Unlike general-purpose models capable of handling a wide variety of tasks, GPT-5.5-Cyber has been specifically optimized to understand computer code, detect complex security flaws, and support defense teams in their technical investigations.
The system leverages GPT-5.5’s advanced reasoning and analytical capabilities, enhanced by specialized training on vulnerability databases, security repositories, open-source projects, and real-world attack scenarios. When software or source code is submitted to it, the model is able to examine the various functions, identify abnormal behavior, detect design flaws, and suggest fixes that comply with security standards.
GPT-5.5-Cyber is also integrated into OpenAI’s security ecosystem, notably through the Daybreak platform and Codex Security tools. This architecture enables it to assist developers throughout the software lifecycle, from code auditing to patch validation. The goal is not to replace cybersecurity experts but to enable them to address vulnerabilities more quickly, automate certain repetitive tasks, and focus their efforts on the most critical threats.
- Advanced Vulnerability Detection: Identifying Security Flaws in Complex Software Projects
- Source Code Analysis: Understanding a Program’s Dependencies, Functions, and Internal Mechanisms
- Proposed fixes: generating recommendations to address detected vulnerabilities
- Risk Validation: Assessment of the Criticality and Exploitation Potential of Vulnerabilities
- Support for SOC Teams: Assistance with Incident Analysis and Threat Investigation
- Integration with Daybreak: Use Within OpenAI’s Cybersecurity Platform
- Open-source support: contributing to the security of critical projects such as Python and cURL
- Contextual reasoning: the ability to connect multiple technical elements to understand the source of a vulnerability
- The Need for Human Validation Before Deploying Critical Patches
- Risk of false positives in highly complex software environments
- Difficulty in identifying certain previously unknown vulnerabilities or those that are highly specific to a particular business context
- Dependence on the quality and timeliness of the knowledge bases used during training
- Potential for misuse for offensive purposes if access controls are insufficient
- Limitations Related to the Interpretation of Proprietary or Highly Customized Infrastructure
Learn more
The launch of GPT-5.5-Cyber comes amid the controversial suspension of Anthropic’s Mythos 5 and Fable 5 models. To understand the geopolitical and strategic issues now surrounding the most advanced AIs, read our article“The Sudden Withdrawal of Fable 5 Revives a Controversial Question: Who Really Controls the Most Powerful AIs? ”, which analyzes the consequences of this decision and the growing debate surrounding digital sovereignty.
References
1. OpenAI. (2026). Introducing GPT-5.5-Cyber and the Daybreak Security Platform.
https://openai.com
2. University of California, Berkeley. (2026). CyberGym Benchmark for AI Cybersecurity Models.
https://cybergym.berkeley.edu
3. Anthropic. (2026). Mythos 5 Safety Framework and Access Restrictions.
https://www.anthropic.com

