OpenAI plans gated cyber model

OpenAI is building a cybersecurity product and, according to Axios on April 9, plans to give it only to a small group of partners instead of putting it on the open market right away. Axios said the company is worried enough about autonomous hacking that it is choosing a staggered rollout from the start. (axios.com) That is a change in how these systems are being sold. A chatbot for writing emails can be posted to millions of users at once, but a model that can find software flaws starts to look more like a lock-pick set that only certain people are allowed to borrow. (axios.com) The immediate backdrop is Anthropic, which on April 8 announced a restricted cybersecurity release called Claude Mythos Preview under a program named Project Glasswing. Anthropic said the model is being offered only to a select group of companies because it is unusually strong at spotting weaknesses in software and infrastructure. (cnbc.com) Anthropic had already been warning that this was not a hypothetical risk. In a December 2025 post, the company said it disrupted what it described as the first reported artificial-intelligence-orchestrated cyber espionage campaign, with attackers using agentic tools to inspect systems and identify high-value targets. (anthropic.com) OpenAI has been laying the policy groundwork for the same problem. In its updated Preparedness Framework published on April 15, 2025, the company said it evaluates frontier models for severe risks including cybersecurity and sets deployment thresholds for models that score too high on dangerous capability tests. (openai.com) OpenAI then got more specific on December 10, 2025, saying its models were becoming more capable in cybersecurity and that it was adding safeguards and working with outside security experts. That post framed cyber tools as dual-use systems, useful for defense and dangerous for misuse at the same time. (openai.com) By February 2026, OpenAI had a name for the gate around that capability: Trusted Access for Cyber. The company said the framework was meant to expand access to frontier cyber capabilities while screening users and adding stronger protections against abuse. (openai.com) One detail in the reporting matters a lot: the gate appears to be around the cybersecurity product, not around every upcoming OpenAI model. The Decoder reported that Axios corrected its story to say the limited rollout applies to the cyber product rather than to OpenAI’s next general model. (the-decoder.com) So the new pattern is not “build a powerful model and release it everywhere.” The new pattern is “build a powerful model, wrap it in policy, vet the customers, and treat access itself as a safety feature,” which is now visible at both OpenAI and Anthropic within the same week. (axios.com) (cnbc.com)