The Big Picture
The frontier model race just crossed into national security in a very concrete way.
This is not another vague AI risk story. The specific claim is sharper: models are now getting good enough at cyber work that they can autonomously chain together multi-step attacks in controlled environments, discover serious software vulnerabilities, and compress expert security labor from hours or days into minutes.
The fight is no longer just whether these models are dangerous. It is who gets access first: defenders, government agencies, critical infrastructure, big tech partners, or eventually everyone.
The Lead
The Wall Street Journal reports that the White House is opposing Anthropic's plan to expand access to Claude Mythos Preview, a powerful cyber-capable AI model.
Anthropic reportedly wanted to add roughly 70 more companies and organizations to the Mythos access list, raising the total number of entities with access to about 120. The White House pushed back over security concerns, and according to WSJ also questioned whether Anthropic has enough compute to serve many more users without degrading government access. Anthropic disputes that compute is a limiting factor.
That is the key tension:
Anthropic wants Mythos in more defender hands.
The White House worries wider access creates national security risk.
OpenAI is simultaneously rolling out GPT-5.5-Cyber to critical defenders.
AISI says GPT-5.5 is now the second model, after Mythos, to complete a full multi-step cyberattack simulation end-to-end.
Sources: WSJ article, WSJ post
What Actually Happened
WSJ reported that the White House opposes Anthropic expanding access to Mythos.
The model is capable enough at cybersecurity tasks that officials are treating access as a national security issue.
Anthropic's proposed expansion would move Mythos access from roughly 50 entities to about 120.
The White House concern is not just misuse. Officials also worry about limited compute and whether expanded commercial access could degrade government use.
Anthropic says it is having constructive talks with the government and that compute is not a limiting factor.
Anthropic recently signed compute-expansion agreements with Amazon, Google, and Broadcom, but those buildouts will take time to come online.
AI providers can prioritize compute for select customers like the federal government, which makes compute allocation part of the access politics.
WSJ says Anthropic recently disclosed it was investigating possible unauthorized access to Mythos, which added fuel to concerns about a flood of newly discovered software vulnerabilities.
The dispute is happening against a political backdrop: prior tensions over Pentagon use of Anthropic tools, two related court cases, and Trump administration suspicion of Anthropic's links to pro-regulation and liberal-aligned circles.
Sam Altman posted that OpenAI is beginning rollout of GPT-5.5-Cyber to critical cyber defenders in the next few days.
The UK AI Security Institute published an evaluation saying GPT-5.5 is one of the strongest cyber models it has tested.
The Numbers That Matter
Anthropic proposed adding roughly 70 more organizations to Mythos access.
That would bring total access to about 120 entities.
Mythos access reportedly started with about 50 companies and organizations responsible for critical infrastructure.
AISI's cyber range, called The Last Ones, is a 32-step simulated corporate network attack.
AISI estimates a human expert would need about 20 hours to complete it.
Claude Mythos Preview completed it end-to-end in 3 out of 10 attempts.
GPT-5.5 completed it end-to-end in 2 out of 10 attempts.
GPT-5.5 averaged about 71.4% on AISI expert-level cyber tasks at a 50M token budget.
Mythos Preview scored about 68.6% on the same expert-level measurement in the GPT-5.5 evaluation writeup.
Anthropic previously said Mythos found severe bugs in major operating systems and browsers, including a 27-year-old OpenBSD bug.
AISI highlighted one reverse-engineering challenge where GPT-5.5 solved in 10 minutes and 22 seconds for $1.73 in API usage, versus roughly 12 hours for a human expert.
Sources: AISI on GPT-5.5, AISI on Mythos Preview
Why This Matters
This is the moment cyber-capable AI starts getting treated like controlled national infrastructure, not just SaaS. The government is effectively deciding who gets access to frontier cyber capability and when. That looks a lot like a soft licensing regime, even if no formal AI licensing law exists yet.
The capability is dual-use in the strongest possible sense. Defenders can find and patch bugs faster, and attackers can find and exploit bugs faster. The same model behavior that helps secure software can also weaponize vulnerabilities.
The strongest framing is not "AI is hacking the world tomorrow." It is "the vulnerability discovery timeline is collapsing."
The WSJ detail that matters most politically: this is not only a safety fight. It is also a trust fight between Anthropic and the Trump administration.
The Political Layer
The new WSJ reporting adds important context:
The White House has inserted itself into the Mythos rollout because officials see the model as having national-security implications.
Officials are worried about Mythos' ability to uncover and exploit software flaws, not just generate generic phishing or malware text.
Anthropic says talks are constructive and compute is not the bottleneck.
WSJ says Anthropic disclosed last week that it was investigating possible unauthorized access to Mythos.
That unauthorized-access detail is a major escalation. It makes the concern concrete: what happens if a cyber-capable frontier model leaks before defenders are ready?
The relationship is politically strained. WSJ says the administration previously sought to sever ties with Anthropic over a Pentagon dispute about military use of its AI tools.
The administration has also reportedly objected to Anthropic's connections to liberal or pro-regulation groups and the presence of former Biden administration figures on staff.
Another personnel flashpoint: Collin Burns, a former Anthropic researcher, was reportedly lined up to lead a government office evaluating top AI models, but the administration reversed course. Senior White House officials reportedly had not been consulted and did not want someone from a major AI company in a role requiring close coordination with industry.
“This is not just Washington asking whether the model is safe. It is Washington asking whether it trusts Anthropic to control one of the most sensitive AI capabilities yet.”
Dean Ball's Framing
Who he is: Dean Ball is an AI policy analyst plugged into both government decision-making and the technical AI debate. That makes his take useful because he can separate two questions that usually get mashed together: whether the White House is right to slow Anthropic down today, and whether ad hoc access control can work as a long-term strategy.
His thread argues:
Assuming the WSJ story is true, the White House may be making the right short-term call.
But the strategy is not durable. It is like trying to build a dam against a tsunami.
Capabilities like Mythos are likely to diffuse within 6 to 18 months.
If the government restricts frontier model releases, that is functionally a licensing regime. It needs formal rules, not ad hoc calls to one lab at a time.
The better long-term path is stronger technical safeguards, not just access restriction.
Technical AI safety can be accelerationist if it lets defenders safely use stronger systems.
“The White House may be right today and still have no long-term strategy.”
Source: Dean Ball thread
Sam Altman's Move
Who he is: Sam Altman runs OpenAI, the company trying to turn frontier models into default infrastructure for everyone. His post matters because OpenAI is offering its own controlled-access cyber model at the exact moment Washington is questioning who should get access to Mythos.
Sam Altman posted that OpenAI is rolling out GPT-5.5-Cyber to critical cyber defenders. The message:
OpenAI wants to work with government and the broader ecosystem on trusted access.
The goal is to rapidly help secure companies and infrastructure.
OpenAI is positioning this as defender-first deployment.
Why it matters: this looks like OpenAI moving directly into the space Anthropic just made politically explosive. If Anthropic is facing resistance on Mythos expansion, OpenAI is trying to present GPT-5.5-Cyber as the safer or more usable path for vetted defenders. The timing is hard to ignore.
Source: Sam Altman post
AISI's GPT-5.5 Evaluation
What AISI is: The UK AI Security Institute is a government-backed evaluation body that tests frontier models for dangerous capabilities. Its cyber evaluations matter because they give policymakers an outside benchmark instead of just relying on company claims.
In this story, AISI is important because it shows Mythos was not a one-off. GPT-5.5 is now hitting similar cyber milestones, which turns this from an Anthropic story into a frontier-model trend.
Main findings from the April 30 evaluation:
GPT-5.5 is one of the strongest cyber models AISI has tested.
It is the second model to complete a multi-step cyberattack simulation end-to-end.
The first was Anthropic's Claude Mythos Preview.
Important caveat: these are controlled evaluations. The simulated environments lack active defenders, real defensive tooling, and the consequences of triggering alerts. AISI explicitly says real-world performance against hardened systems is unknown.
Still, the direction is clear. Models are now chaining complex cyber tasks across longer horizons, the cost and time curves are collapsing, and more inference compute appears to improve performance.
Sources: AISI thread, AISI GPT-5.5 evaluation
Anthropic's Mythos Claim
Who Dario Amodei is: Dario Amodei leads Anthropic, the lab most closely associated with the argument that frontier AI can become dangerous fast. That matters here because Anthropic is now in the awkward position of warning about powerful AI systems while also asking the government to let more organizations use one of its most sensitive models.
Anthropic's own technical writeup framed Mythos as a watershed moment for cyber:
Mythos can identify and exploit zero-day vulnerabilities in major operating systems and browsers when directed by a user.
Anthropic says it found serious bugs across open-source software, including very old vulnerabilities missed for years.
More than 99% of the vulnerabilities it found had not yet been patched, limiting what Anthropic could disclose.
The model was not explicitly trained for these cyber capabilities. They emerged from general improvements in code, reasoning, and autonomy.
That last point is the scary one. The cyber capability was not a special feature. It emerged as frontier models got better at the general things frontier models are supposed to get better at.
David Sacks' Counter-Framing
Who he is: David Sacks is a venture capitalist and Trump-aligned AI adviser whose instinct is usually to push back against regulatory overreach. His framing matters because it shows how parts of the White House orbit may see Mythos: not as a one-of-one doomsday model, but as an early example of a capability every frontier lab will soon have.
Sacks pushed back on the idea that Mythos is uniquely terrifying. His framing:
"It is time to demystify Mythos."
Mythos is not magic and not a doomsday device.
It is one of the first of many models that can automate cyber tasks, just like AI automated coding tasks.
OpenAI's GPT-5.5-Cyber can now do the same.
He expects all frontier models, including Chinese models, to reach similar capability within roughly 6 months.
These models do not create vulnerabilities. They discover bugs that already exist.
The defender imperative is to get these tools into trusted hands quickly.
Useful contrast:
Anthropic framing: this is a watershed risk that needs careful release.
Sacks framing: this is inevitable, do not mystify it, arm defenders fast.
Source: David Sacks post
The Compute Angle
This is not only about safety policy. It is also about scarce compute.
Anthropic has signed new compute deals with Amazon, Google, and Broadcom.
Those buildouts take time.
If Mythos demand expands faster than compute capacity, someone gets prioritized and someone waits.
The federal government does not want to be the customer waiting.
That turns compute into a national-security resource allocation problem.
“The question is not just whether Mythos is too powerful to release. It is whether Anthropic has enough compute to serve both the government and everyone else who wants it.”
The Collin Burns Detail
Who he is: Collin Burns is a former Anthropic researcher who has worked on model evaluation, the exact kind of technical expertise governments need if they are going to judge frontier systems seriously.
His reported reversal matters because it shows the White House wants technical competence, but does not want sensitive evaluation roles to look captured by one of the labs being evaluated.
What it suggests:
The Trump White House does not want major-lab insiders controlling sensitive government AI evaluation infrastructure.
Even if someone is technically qualified, affiliation with a frontier AI company can become a political liability.
Model evaluation offices need close coordination with the same companies they are supposed to assess.
“Washington wants frontier-lab expertise, but it does not want frontier-lab capture.”
What To Be Careful Saying
Some guardrails on the hype:
AISI did not say GPT-5.5 can reliably hack real defended companies today.
The cyber ranges are controlled environments.
There are no active defenders in these evals.
The results do not prove immediate real-world compromise ability against hardened targets.
Safer framing:
"In controlled simulations, these models can now complete multi-step cyberattack chains that used to require expert human labor."
"The trend is clear, even if real-world reliability is still uncertain."
"This compresses the time and cost of vulnerability discovery."
Clean Takeaway
The White House pushback on Anthropic's Mythos is the first major signal that frontier AI cyber capability is becoming a controlled-access national security issue, and that the deciding factor may be trust as much as raw capability.
OpenAI's GPT-5.5-Cyber rollout and AISI's benchmark results make the story bigger than Anthropic. Mythos was the first warning shot. GPT-5.5 shows this is becoming a general frontier model capability.
The real story is not one model. It is the start of a new cyber arms race where access, compute, safeguards, politics, and government trust decide who gets the advantage first.
Yours Truly,
Wes “also has Mythos-like abilities” Roth
Sources
WSJ article, White House Opposes Anthropic's Plan to Expand Access to Mythos Model: https://www.wsj.com/tech/ai/white-house-opposes-anthropics-plan-to-expand-access-to-mythos-model-dc281ab5
Dean Ball thread: https://x.com/deanwball/status/2049853497978368267
Sam Altman GPT-5.5-Cyber rollout post: https://x.com/sama/status/2049712078836170843
AI Security Institute GPT-5.5 thread: https://x.com/AISecurityInst/status/2049868227740565890
AISI, Our evaluation of OpenAI's GPT-5.5 cyber capabilities: https://www.aisi.gov.uk/blog/our-evaluation-of-openais-gpt-5-5-cyber-capabilities
AISI, Our evaluation of Claude Mythos Preview's cyber capabilities: https://www.aisi.gov.uk/blog/our-evaluation-of-claude-mythos-previews-cyber-capabilities
Anthropic technical writeup, Assessing Claude Mythos Preview's cybersecurity capabilities: https://red.anthropic.com/2026/mythos-preview/
Anthropic Mythos announcement thread: https://x.com/AnthropicAI/status/2041578392852517128
David Sacks post on demystifying Mythos: https://x.com/DavidSacks/status/2049907993588769006
PS: I did a video on this exact subject, believe it or not:
