AINEWS
OpenAI Matches Anthropic's Dangerous AI on Security Test, Keeps Harder Score Private
OpenAI released a model it rated High risk for cybersecurity capabilities. The benchmark it most needs to defend is one it has not published.
OpenAI released a model it rated High risk for cybersecurity capabilities. The benchmark it most needs to defend is one it has not published.
OpenAI released a model it rated High risk for cybersecurity capabilities. The benchmark it most needs to defend is one it has not published.
RD World published a detailed technical comparison Thursday that sharpens a gap in OpenAI's own disclosure RD World. On Terminal-Bench 2.0, a standard terminal-navigation test, GPT-5.5 scores 82.7 percent OpenAI blog. On Terminal-Bench 2.1, a harder version of the same test with four-hour task timeouts, Anthropic's Claude Mythos Preview scored 92.1 percent. OpenAI has not disclosed a comparable result for GPT-5.5 under matching conditions. That omission is the most technically revealing fact in the comparison — and the one OpenAI is most reluctant to discuss.
The High risk classification is documented. Under OpenAI's own Preparedness Framework, GPT-5.5 is rated High risk for both biological and cybersecurity capabilities OpenAI blog — the same threshold Anthropic used to restrict Mythos to a small partner program. What OpenAI has not published is which API endpoints carry additional restrictions under that classification and how those restrictions are enforced in the deployed product. Its Trusted Access for Cyber licensing tier — verified power grid operators, water utilities, and critical infrastructure managers get fewer refusals on security-sensitive prompts — is described in marketing terms, not technical specification.
XBOW, a security firm that tests AI models against real vulnerable code rather than abstract benchmarks, called GPT-5.5 a Mythos-like step change in vulnerability detection, open to all VentureBeat. The comparison is deliberate. One company used the High threshold to restrict access; the other used it to create a tiered commercial product.
Average time between vulnerability discovery and working exploit is already under twenty hours, according to Zero Day Clock data cited in a Cloud Security Alliance briefing Help Net Security. That window predates GPT-5.5. A model rated High risk for cyber capabilities, available through the standard developer API at effectively double the prior generation's pricing — thirty dollars per million output tokens VentureBeat — compresses that window further for both defenders and attackers.
On six of nine overlapping benchmarks in the RD World comparison, Mythos leads RD World. OpenAI's own tables flag evidence of memorization concerns on SWE-bench Pro — the real-world code resolution test — but publish no analysis to account for the gap. The benchmark OpenAI is most eager to contest is the one it has not run.
Anthropic's 245-page system card for Mythos is more explicit about what the model can do and what it refuses Anthropic red team report — but it describes a model nobody can use. OpenAI's Preparedness Framework describes the High risk classification and the cyber-permissive licensing tier. The gap between the classification and the endpoint documentation is where the empirical question lives. Whether the Trusted Access tier represents a substantive restriction or a marketing label over comparable controls is one question the available public record does not cleanly answer. The harder empirical question — whether GPT-5.5's API access actually restricts vulnerability discovery in ways that differ from Anthropic's gatekeeping — is one the documentation does not address at all.
OpenAI made a different call. The defenders who partnered with Anthropic now have an OpenAI alternative. Security firms building automated penetration testing tools, red team automation, and AI-augmented code review have a new capability at commodity pricing. Whether that matters depends entirely on what the endpoint restrictions actually say.