A new report from the U.K.’s AI Security Institute reveals that top AI models can now autonomously execute multi-stage cyberattacks that would take a human expert 20 hours, raising urgent questions about the widening gap between AI’s offensive and defensive capabilities.
OpenAI’s new GPT-5.5 model can autonomously execute sophisticated, multi-stage cyberattacks and solve complex security challenges at a speed that vastly outperforms human experts, according to a new government report. The findings from the U.K.’s AI Security Institute (AISI) place GPT-5.5’s offensive capabilities on par with Anthropic’s Claude Mythos, suggesting rapid, broad-based advances in AI’s potential for malicious use are a general trend, not an isolated breakthrough.
"If offensive cyber skill is emerging as a byproduct of wider improvements in reasoning, coding, and autonomous task completion, then further advances could arrive in quick succession," the AI Security Institute, a research body within Britain's Department of Science, Innovation and Technology, warned in its report.
The report detailed how GPT-5.5 autonomously completed a 32-step simulated corporate network attack in two out of 10 attempts. This test, designed by SpecterOps and dubbed "The Last Ones," had previously only been completed by Anthropic's Claude Mythos Preview (in three of 10 tries). In a more striking test, GPT-5.5 solved a reverse-engineering puzzle that takes a human expert 12 hours in just 10 minutes and 22 seconds, at a cost of only $1.73 in API usage. On a broader set of expert-level cybersecurity tasks, GPT-5.5 achieved a 71.4% pass rate, slightly ahead of Mythos Preview’s 68.6% and well beyond the 52.4% from GPT-5.4.
This leap in offensive capability creates a dual-sided market shock: it exposes acute vulnerabilities for enterprises, creating a bearish outlook for companies with weak security postures, while acting as a powerful bullish catalyst for the cybersecurity sector. The development is expected to trigger a surge in demand for AI-powered defense solutions and intensify regulatory pressure on AI developers, a market dynamic underscored by the U.K. government announcing £90 million in new cyber resilience funding alongside the report.
The AISI findings land in a market already grappling with a structurally lopsided arms race. Research from Binance shows that AI tools are currently twice as effective at exploiting smart contract vulnerabilities as they are at detecting them. The firm’s report notes that GPT-5.3-Codex achieved a 72.2% success rate in "exploit" mode on the EVMbench benchmark, compared to roughly half that in "detect" mode.
This asymmetry is driven by collapsing costs for attackers. AI-powered exploits now average around $1.22 per contract, a figure projected to fall another 22% every two months, according to Binance Research. While over 80% of developers now use AI in their workflow, fewer than 40% use it for advanced security testing, leaving a significant gap for automated threats to exploit. The trend is not limited to code; TRM Labs analysts speculate that North Korean hacking groups are using AI for sophisticated social engineering, a shift from their traditional reliance on simpler attack vectors.
The rapid emergence of these capabilities has sparked a debate about responsible disclosure and marketing. OpenAI CEO Sam Altman recently criticized what he termed “fear-based marketing,” alluding to competitors who hype the dangers of their models to sell security solutions. "It is clearly incredible marketing to say, ‘We have built a bomb. We are about to drop it on your head. We will sell you a bomb shelter for $100 million,’" Altman said in a recent podcast interview.
In response to the growing threat, both OpenAI and Anthropic are restricting access to their most potent models. Anthropic limited the initial release of Mythos Preview to “critical industry partners,” while OpenAI is rolling out GPT-5.5-Cyber, a specialized version, to a vetted list of “critical cyber defenders.” This cautious approach comes as researchers found a "universal jailbreak" in the public GPT-5.5 model that bypassed its safety guardrails, an attack that took a red team six hours to develop. While OpenAI has since issued a patch, the incident highlights the persistent risk of misuse, a concern for investors as 43% of U.K. businesses reported a cyber breach in the past year.
This article is for informational purposes only and does not constitute investment advice.
