OpenAI Prepares a Limited Release Cybersecurity Model, Following Anthropic with Mythos
OpenAI Prepares a Limited Release Cybersecurity Model, Following Anthropic with Mythos
OpenAI is in the final stages of developing a cybersecurity product that will be distributed to a select group of partners, according to Axios citing an anonymous source. The news comes just days after Anthropic's announcement of Claude Mythos Preview and Project Glasswing, which has raised expectations for the entire category. At first glance, it may seem that OpenAI is chasing its rival, but in reality, the situation is more nuanced.
Who Took the First Step
On February 5, 2026, OpenAI released GPT-5.3-Codex along with the Trusted Access for Cyber program, a controlled distribution framework based on verified identities and graduated trust levels. This was already, for all intents and purposes, the first public implementation of a restricted access system for a high-risk classification AI model in cybersecurity. Sam Altman emphasized on X that GPT-5.3-Codex is "the first model to reach 'High' rating for cybersecurity in our Preparedness Framework," the internal classification system OpenAI uses to decide if and how to release a model. The Preparedness Framework explicitly states that a model classified as "High" cannot be distributed without preventive mitigation measures: Trusted Access for Cyber represents a fully operational response to that rule.
This is our first model that hits "high" for cybersecurity on our preparedness framework. We are piloting a Trusted Access framework, and committing $10 million in API credits to accelerate cyber defense.
ā Sam Altman (@sama) February 5, 2026
The program includes two levels of access. Individual users can verify their identity at chatgpt.com/cyber to unlock advanced features; companies can request extended trusted access for their entire team through their OpenAI representative. There is also a third level, by invitation, aimed at researchers and security teams who need access to "even more capable or permissive models" to accelerate legitimate defensive work, which the new product in development targets. In addition, there is the Cybersecurity Grant Program, with $10 million in API credits reserved for teams with a verifiable track record in identifying and resolving vulnerabilities in open source software and critical infrastructures.
The Leap GPT-5.3-Codex Did Not Make
GPT-5.3-Codex is available to paid ChatGPT users for daily use in software development, but OpenAI deliberately blocked full API access for high-risk applications and did not enable automation at scale. The card system published in February is explicit: OpenAI "has no definitive evidence that the model can automate cyber attacks end-to-end," but has chosen a precautionary approach. The difference with Anthropic's Mythos, which according to leaked sources is designed to autonomously identify and exploit zero-days within hours, is significant. It is on this claimed capability gap that the narrative of "chasing" plays out.
1/ Did @OpenAI just break California's new AI safety law?
The answer appears to be yes, and OpenAI could owe millions in fines.
š§µ
pic.twitter.com/32t40qAO22
ā The Midas Project (@TheMidasProj) February 6, 2026
It is no coincidence that Fortune characterized the release of GPT-5.3-Codex as the moment when OpenAI "came face to face with the risks of releasing the most powerful model it had ever built." In the midst of this process, The Midas Project has accused OpenAI of not implementing the legally required protections under California's AI safety law for high-risk cyber classified models, adding a legal front to the competitive pressure. The new product in development thus also represents a response to this criticism: a dedicated layer, separate from GPT-5.3-Codex, with more stringent guarantees and controls specifically designed for the enterprise cyber context.