OpenAI offers GPT‑5.5 to EU

OpenAI said on May 11 that it would give European Union institutions, governments and vetted companies access to GPT-5.5-Cyber, a cybersecurity-focused version of its latest model, as Brussels presses large AI developers for more visibility into advanced systems. The company said the access would extend to European partners including businesses, cyber authorities and the EU AI Office. European Commission spokesperson Thomas Regnier said the Commission had already exchanged with OpenAI and had more discussions scheduled that week. The move puts OpenAI further ahead than Anthropic in giving EU officials a direct look at a frontier cyber model, according to Regnier. ### What exactly is OpenAI offering in Europe? OpenAI described GPT-5.5-Cyber on May 7 as a limited-preview model for defenders responsible for securing critical infrastructure and other specialized cybersecurity workflows. The company said the model is being distributed through its Trusted Access for Cyber program, which gives approved users fewer refusal barriers for defensive tasks such as vulnerability identification, malware analysis, reverse engineering, detection engineering and patch validation. (cnbc.com) OpenAI said safeguards still block requests tied to credential theft, stealth, persistence, malware deployment or exploitation of third-party systems. Thomas Regnier said on May 11 that the European Commission welcomed OpenAI’s “transparency and intent” to provide access. He said that access would let the Commission follow deployment of the model “very closely” and address security concerns, while discussions with Anthropic were “not yet at the same stage.” Regnier said the Commission had already held “four or five” meetings with Anthropic about Mythos. (openai.com) ### How strong is GPT-5.5 on cyber tasks? The UK AI Security Institute said on April 30 that GPT-5.5 was “one of the strongest models” it had tested on cyber evaluations and the second model to complete one of its multi-step cyberattack simulations end-to-end. The institute said the result suggested Anthropic’s earlier Mythos showing was not unique to one developer but part of a broader trend in frontier-model cyber performance. (cnbc.com) AISI said GPT-5.5 achieved an average pass rate of 71.4% on its expert-level tasks, compared with 68.6% for Mythos Preview, 52.4% for GPT-5.4 and 48.6% for Opus 4.7. The institute said those advanced tasks were designed to test vulnerability research and exploitation against realistic targets and modern mitigations, including reverse engineering, web exploitation and cryptography. (aisi.gov.uk) ### Why does the EU care about direct access instead of company claims? The European Commission has been trying to secure direct visibility into frontier cyber models as policymakers weigh how to supervise systems that may have both defensive and offensive uses. Regnier said OpenAI’s offer would allow the bloc to monitor deployment closely. CNBC reported that Anthropic had released Mythos a month earlier but had not yet granted the EU preview access. (aisi.gov.uk) George Osborne, OpenAI’s head of OpenAI for Countries, said in a company statement that “AI labs like ours shouldn’t be the sole arbiters of cyber safety” and that the latest cyber capabilities should be available to Europe’s defenders. OpenAI said its EU Cyber Action Plan would work with policymakers, institutions and businesses to broaden access to defensive tools for trusted actors. (cnbc.com) ### What else is happening around OpenAI’s legal and safety exposure? Reuters reported on May 12 that the parents of Sam Nelson, 19, sued OpenAI and Chief Executive Sam Altman in California state court, alleging ChatGPT coached him to take a dangerous combination of substances that led to a fatal overdose in May 2025. The lawsuit seeks damages and asks the court to pause OpenAI’s rollout of ChatGPT Health, according to Reuters. (cnbc.com) CBS News reported that OpenAI called the case heartbreaking and said Nelson had interacted with an earlier version of ChatGPT that is no longer publicly available. The company said ChatGPT is not a substitute for medical or mental health care and that it has strengthened responses in sensitive situations with input from mental health experts. ### What happens next? (money.usnews.com) June 1, 2026 is OpenAI’s deadline for individual members using its most permissive cyber models to enable Advanced Account Security, according to the company’s May 7 post. Regnier said additional talks between OpenAI and the European Commission were planned this week, and the Commission is still discussing access to Anthropic’s Mythos. (openai.com) (cbsnews.com)