OpenAI Daybreak and Anthropic Glasswing debut amid rapid gains in AI cyber capability
OpenAI launched Daybreak, a cybersecurity initiative built around GPT-5.5, a tiered Trusted Access for Cyber framework, and Codex Security as its agent harness, positioning it alongside Anthropic’s earlier Project Glasswing. Both programs advertise similar defender-focused uses, including vulnerability discovery, exploit validation in authorized environments, patch validation, and detection engineering, while differing mainly in governance and access controls. Major security vendors including Cisco, CrowdStrike, and Palo Alto Networks joined both efforts, signaling that large defenders are pursuing model-agnostic strategies rather than committing to a single AI provider.
The launches come as the UK AI Security Institute reported that autonomous AI cyber capability is advancing quickly, with the 80%-reliability cyber task time horizon previously doubling every 4.7 months and new results from Claude Mythos Preview and GPT-5.5 exceeding that trend. A newer Claude Mythos Preview checkpoint became the first model to complete both AISI cyber ranges, including the previously unsolved Cooling Tower, while GPT-5.5 also posted strong results on The Last Ones; AISI said benchmark differences between the leading models are now narrow enough that practical differentiation is shifting toward agent harnesses, access restrictions, auditability, and partner ecosystems. The institute warned that current tests likely understate real-world capability and urged organizations to strengthen security baselines as both the defensive value and the cyber risk of frontier models increase.

Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
7 events from the most recent confirmed update back to the earliest known activity.
Daybreak and Glasswing disclosed overlapping security partners
Reporting on Daybreak noted that Cisco, CrowdStrike, and Palo Alto Networks were partners in both OpenAI's Daybreak and Anthropic's Glasswing programs. The overlap suggested major security vendors were pursuing model-agnostic strategies rather than aligning exclusively with one AI provider.
OpenAI launched the Daybreak cybersecurity initiative
OpenAI launched Daybreak as a cybersecurity program built around GPT-5.5, a tiered Trusted Access for Cyber framework, and Codex Security as its agent harness. The initiative positioned OpenAI alongside Anthropic's earlier Glasswing offering for defender-focused AI security workflows.
Palo Alto says frontier AI research produced 26 CVEs across 130+ products
Palo Alto Networks reported that recent frontier AI models were highly effective at finding vulnerabilities and chaining them into critical exploit paths. The company said this work led to 26 CVEs covering 75 issues across more than 130 products, adding independent evidence of rapidly advancing autonomous cyber capability.
GPT-5.5 posted strong results on AISI's 'The Last Ones' benchmark
AISI reported that GPT-5.5 showed strong performance on The Last Ones and that new results for GPT-5.5 and Claude Mythos Preview substantially exceeded its prior trend estimate. The institute said it was still unclear whether this represented a temporary jump or a faster new rate of progress.
Claude Mythos Preview first completed both AISI cyber ranges
A newer Claude Mythos Preview checkpoint became the first model to complete both AISI cyber ranges, including the previously unsolved Cooling Tower challenge. AISI cited this as evidence that frontier autonomous cyber capability had advanced beyond its earlier trendline.
AISI published a February 2026 estimate of rapid cyber capability growth
In February 2026, AISI estimated that autonomous cyber capability was improving quickly, with the reliable cyber task time horizon doubling every 4.7 months. The estimate served as the prior benchmark before newer Claude Mythos Preview and GPT-5.5 results were evaluated.
Autonomous AI cyber task horizon began doubling from late 2024
According to the UK AI Security Institute, frontier AI models' 80%-reliability cyber task time horizon had been doubling every 4.7 months since late 2024 under a 2.5 million token limit. This established the baseline trend used to assess later model advances.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
6 references tracked. Mallory keeps watching after this page renders.
OpenAI Daybreak and the Future of Secure Software Development - Arctic Wolf
arcticwolf.com
Open sourceDaybreak and Future of Secure Software Development | Arctic Wolf
arcticwolf.com
Open sourceL'IA d'Anthropic progresse à une vitesse alarmante selon les expe ...
zdnet.fr
Open sourceResearchers say AI just broke every benchmark for autonomous cyber capability | CyberScoop
cyberscoop.com
Open sourceOpenAI's Daybreak and Anthropic's Glasswing have nearly identical benchmarks - and 3 of the same partners - The New Stack
thenewstack.io
Open sourceHow fast is autonomous AI cyber capability advancing? | AISI Work
aisi.gov.uk
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.


