OpenAI rolls out carefully

OpenAI is reportedly preparing a new model with strong cybersecurity skills, but Axios says the company plans to give it first to only a small set of companies instead of pushing it straight to everyone at once. That is a very different launch pattern from the old “ship the model, then watch what happens” playbook. (axios.com) The reason is simple: a model that can help defenders find software flaws can also help attackers find them faster. OpenAI said in a December 10, 2025 post that cyber capabilities are advancing rapidly and can create “dual-use” risk, meaning the same tool can protect systems or break into them. (openai.com) That caution did not appear out of nowhere this week. Axios reports OpenAI’s plan mirrors Anthropic’s decision to keep its Claude Mythos Preview model inside a limited cybersecurity program instead of releasing it broadly to the public. (axios.com, techcrunch.com) Anthropic announced Mythos through a program called Project Glasswing, and CNBC reported on April 7, 2026 that access would go only to a select group of companies. The company said the model is especially good at spotting weaknesses in software, which is exactly the kind of capability that makes executives excited and safety teams nervous at the same time. (cnbc.com) While that is happening on the model side, OpenAI’s workplace product is getting more knobs, switches, and connectors. In ChatGPT Business release notes published March 27, 2026, OpenAI said it was rolling out updated Box, Notion, Linear, and Dropbox apps with new actions, including write capabilities where supported. (help.openai.com) That detail matters because “write capabilities” turns ChatGPT from a tool that answers questions into a tool that can change company systems. A chatbot that can read a project tracker is useful; a chatbot that can update the tracker, create files, and move work across apps starts to look like office infrastructure. (help.openai.com) OpenAI’s own release notes also say those app changes are enabled automatically, while workspace admins and owners can review app actions in settings and authorize any new permission scopes. That is the language of information technology administration, not the language of consumer novelty. (help.openai.com) The same page notes an updated Codex rate card tied to token-based usage pricing, even as regular ChatGPT rates stay unchanged. Once a product has usage meters, admin settings, app permissions, and billing rules, buyers start treating it like email, payroll software, or cloud storage: something that has to be governed, audited, and kept reliable. (help.openai.com) Put those two tracks together and a pattern shows up. The more capable the model gets, the more carefully it is released; the more embedded the workplace product gets, the more customers will ask for controls before they ask for magic. (axios.com, help.openai.com, openai.com) That is why a limited launch and a boring admin update belong in the same story. One says frontier models are now powerful enough to be gated like sensitive security tools, and the other says the market for those models is shifting toward companies that want permissions, logs, pricing clarity, and predictable behavior before they wire artificial intelligence into daily work. (axios.com, help.openai.com, openai.com)