OpenAI quietly shipped two cybersecurity-focused AI models in recent months that perform on par with Anthropic’s Claude Mythos, the very system that drew a pointed intervention from the Trump administration. The difference: nobody in Washington seems to care this time.

That selective silence is the real story. Two companies built functionally similar tools for finding and exploiting software vulnerabilities. One got slapped with foreign-national access restrictions. The other got handed contracts with major UK banks.

What OpenAI actually built

OpenAI launched GPT-5.4-Cyber in April 2026 and followed up with GPT-5.5-Cyber in May. Both models are purpose-built for vulnerability discovery, binary reverse engineering, and automated patching, essentially the same capability set that made Anthropic’s Mythos simultaneously impressive and controversial.

The models are distributed through OpenAI’s “Trusted Access for Cyber” program, or TAC. The program vets security teams before granting access, but its approach is notably broader than Anthropic’s Project Glasswing, which restricts distribution more tightly due to concerns about offensive hacking applications.

Since May, TAC has provided access to thousands of verified defenders. On raw performance, the UK AI Security Institute found that GPT-5.5-Cyber scored 85.6% on the CyberGym benchmark, a standardized test for AI-driven cybersecurity tasks. That result puts it in direct competition with Mythos on key metrics, occasionally outperforming Anthropic’s model depending on the task category.

OpenAI also launched the Daybreak platform in May 2026. It is a managed cybersecurity layer sitting on top of the models, designed to automate vulnerability management for enterprise customers.

The Anthropic problem

Anthropic unveiled Claude Mythos Preview in early April 2026, touting autonomous cyber capabilities. OpenAI responded almost immediately with its own models.

In June 2026, the Trump administration directed Anthropic to restrict access to its Fable 5 and Mythos models for foreign nationals, citing national security concerns. The order reportedly caused internal turmoil at Anthropic, which had been positioning Mythos as a breakthrough product for global security teams.

No comparable restriction has been placed on OpenAI’s models. GPT-5.5-Cyber continues to operate without similar governmental constraints. In June 2026, OpenAI offered GPT-5.5-Cyber to nine major UK banks, institutions that were effectively barred from accessing Mythos under the new restrictions.

Why crypto and Web3 should pay attention

Blockchain protocols, DeFi platforms, and exchanges are among the most targeted digital infrastructure on the planet. Smart contract vulnerabilities alone have cost the industry billions over the past several years. AI models capable of autonomously discovering and patching code-level vulnerabilities are not a theoretical benefit for crypto.

If Anthropic’s Mythos is locked behind government-imposed restrictions that limit who can use it and where, crypto-native security teams operating globally may find themselves unable to tap the best available tools. OpenAI’s broader access model through TAC becomes the default option by elimination, not necessarily by superiority.

OpenAI’s Daybreak platform is explicitly targeting automated vulnerability management at scale. Nine UK banks are already adopting these tools. Anthropic’s regulatory headaches, meanwhile, could depress its competitive position in exactly the market segments where crypto companies need the most help, as enterprises that need global deployment capabilities will gravitate toward the provider that can actually deliver globally.