OpenAI is gating access to Cyber, its new offensive cybersecurity toolkit, just weeks after Sam Altman publicly trashed Anthropic for doing exactly that with its rival tool Mythos. According to TechCrunch AI, Altman confirmed on X Thursday that GPT-5.5 Cyber will roll out “to critical cyber defenders” over the next few days. Anyone who wants in has to submit credentials and a planned use case through an application on OpenAI’s website.
That’s the same playbook Altman called “fear-based marketing” when Anthropic ran it.
What Cyber Actually Does
Per the application page TechCrunch AI cites, Cyber is built for offensive security work:
- Penetration testing
- Vulnerability identification and exploitation
- Malware reverse engineering
It’s pitched as a toolkit for companies to find their own security holes before someone else does. The catch is the same one Anthropic flagged with Mythos: a tool that can find and exploit vulnerabilities for defenders can find and exploit them for attackers too. There’s no technical line separating the two use cases.
Why This Matters
A few weeks ago, Altman framed Anthropic’s restricted release as marketing theater. Critics piled on, calling Anthropic’s rhetoric overblown. Then, awkwardly, an unauthorized group reportedly got access to Mythos anyway, which is the exact scenario the gating was meant to prevent.
Now OpenAI is running the same restricted release, just with different framing. The company says it’s coordinating with the U.S. government and working to identify more users with legitimate cybersecurity credentials so it can widen access over time.
This is significant for a few reasons:
- The dual-use problem isn’t going away. Both labs landed on the same conclusion when faced with shipping an offensive security tool. Public mockery aside, the operational answer is the same: gate it.
- Credential-based access is becoming the default for high-risk AI tools. If two of the biggest labs converge on it, expect Google and Meta to follow when their offensive cyber tools ship.
- The Mythos breach is the cautionary tale. Restricted access slowed adversaries down. It didn’t stop them. Anyone deploying these tools has to plan for the leak scenario, not just the gated rollout.
What Practitioners Should Expect
If you work in security and want access to Cyber, the path is the application form. Be ready to document credentials and use cases in detail. Based on the Mythos rollout pattern, expect a slow drip of approvals, prioritizing established red teams, government-adjacent shops, and known security researchers.
If you don’t work in security but were hoping to poke at Cyber out of curiosity, you’re not the target user. That’s the point.
The Bigger Picture
What stands out here is the gap between public posture and operational reality at the AI labs. Altman gets to score a rhetorical point against Anthropic, then ship the same restriction model a few weeks later. The market doesn’t really punish the inconsistency, because the underlying tradeoff is genuinely hard. You can’t release a working penetration toolkit to anyone with an API key and pretend the misuse risk doesn’t exist.
The U.S. government coordination angle is worth watching. If Cyber’s access list ends up shaped by federal input, that’s a quiet but meaningful step toward AI labs operating under something closer to export-control logic for their most sensitive tools. Anthropic took heat for going first. OpenAI is now following the same path with less of the moralizing.
Expect Google DeepMind and Meta to face the same call when their equivalents ship. The default for offensive cyber AI is gated, not open. That’s the new baseline, and Cyber’s rollout over the next few days will set the tone for how the rest of the industry handles the next wave of dual-use models. More details at the original TechCrunch AI report.