The world of cybersecurity has changed in a very short time. AI models can now find weaknesses in software on their own, faster and more accurately than entire teams of human security experts. The two companies leading this shift are Anthropic and OpenAI, and both are now in a serious competition over who controls this technology.
Anthropic fired the first shot with a model called Claude Mythos Preview. The model autonomously discovered thousands of zero-day vulnerabilities in every major operating system and web browser, with some of those weaknesses hiding in plain sight for over 25 years. The situation was serious enough that Anthropic launched Project Glasswing, an elite cybersecurity group that includes Amazon, Apple, Google, Microsoft, Nvidia, CrowdStrike, Palo Alto Networks, and JPMorgan Chase.
The danger is not just theoretical. Anthropic CEO Dario Amodei warned that there is a 6 to 12 month window to patch tens of thousands of software vulnerabilities uncovered by Mythos before Chinese AI catches up. He described the risk clearly: “The danger is just some enormous increase in the amount of vulnerabilities, in the amount of breaches, in the financial damage that’s done from ransomware on schools, hospitals, not to mention banks.”
OpenAI responded quickly. OpenAI opened a limited preview of GPT-5.5-Cyber to vetted cyber defenders who are responsible for securing critical infrastructure. A source familiar with the model told Axios that its abilities were roughly on par with Mythos, with one major recent test putting Mythos narrowly ahead.
OpenAI also went a step further with a full platform. OpenAI launched Daybreak, which identifies software weaknesses, validates fixes, and speeds up patching workflows. The system combines GPT-5.5 models, Codex Security, and integrations with major security vendors including Akamai, Cisco, Cloudflare, CrowdStrike, Fortinet, Oracle, Palo Alto Networks, and Zscaler.
The two companies are handling access very differently. Anthropic has taken a more restrictive view, allowing approximately 40 organizations to access Mythos. OpenAI is taking a more open approach, releasing one version with stricter guardrails while also offering a version with fewer restrictions for companies that apply for access.
On the global level, Google caught real hackers using AI to break into computers. Google’s chief threat analyst said: “The era of AI-driven vulnerability and exploitation is already here.”
The race is on. And the side that wins, whether defenders or attackers, will be the one that uses these tools faster and smarter.



