By Those responsible for protecting America’s critical infrastructure — including water systems, power grids, healthcare networks, and financial services — are now operating under an urgent and tightening deadline.
Why It Matters
AI models have become so advanced at autonomously hacking systems and exploiting severe vulnerabilities that even their creators are restricting access — out of genuine fear that these tools could devastate the systems underpinning everyday life.
Anthropic has already limited access to its Mythos Preview model for this very reason. OpenAI is pursuing a similar approach for an upcoming release, according to a source familiar with the company’s plans who spoke with Axios.
However, such capabilities are unlikely to stay locked away for long. Researchers have already identified widely available open-weights models capable of exploiting many of the same decades-old vulnerabilities that Mythos Preview targeted during testing.
What’s Happening Now
Anthropic confirmed it has no plans to release Mythos Preview to the general public. Additional models in the Mythos line will not be made available unless strict guardrails are in place and security defenders have been given adequate time to strengthen their positions.
OpenAI, meanwhile, plans to roll out its forthcoming advanced cyber-capable product to a carefully selected group of companies through a program called “Trusted Access for Cyber,” the source told Axios.
The Bigger Picture
Hackers are already alarmingly effective at rapidly developing exploits that target software and hardware vulnerabilities. In fact, last year 42% of vulnerabilities exploited in attacks had not even been publicly disclosed at the time, according to data from CrowdStrike.
Security experts now warn that the latest AI models are likely capable of both identifying and weaponizing vulnerabilities within a single day—leaving organizations virtually no margin for error.
“Dwell time used to be 90 days, then it became six days. Now it has become zero days—or seconds.” — Bipul Sinha, CEO of Rubrik
The Threat to Critical Infrastructure
Disrupting power supplies or tampering with local water systems has historically required attackers to possess deep, specialized knowledge of specific technologies and internal systems — a barrier that most hackers cannot overcome. But AI models that operate around the clock to find, exploit, and map out infrastructure could make such attacks significantly easier to execute.
Compounding the problem, many critical infrastructure operators simply lack the financial resources to acquire the technology and personnel needed to write, test, and deploy patches for every discovered vulnerability.
The Defender’s Advantage
Despite the dangers, cybersecurity professionals see a meaningful window of opportunity. Limiting the release of highly capable AI models gives defenders a temporary but critical edge—particularly in identifying and remediating long-standing security flaws and building more resilient software from the ground up.
“This is an incredible time where the people building applications and operating systems can achieve tremendous cybersecurity scale by leveraging AI to identify security vulnerabilities.” — Charles Carmakal, CTO at Mandiant
Rubrik’s Sinha added that this new paradigm requires companies to rethink their entire defense strategy—one now shaped by AI agents rather than human attackers.
“Agents will do the work in the enterprise, and they are doing the attacking. Everything built for a human is now irrelevant because the speed has fundamentally changed.”
The Catch
The greater challenge for defenders, according to Adam Meyers, senior vice president of counter adversary operations at CrowdStrike, isn’t finding bugs—it’s having the time and resources to actually fix them. As AI dramatically increases the volume of discovered vulnerabilities, organizations risk accumulating an ever-growing backlog of unpatched flaws, even as attackers become faster at exploiting them.
The Open-Source Dilemma
Restricting powerful AI tools to invite-only programs raises another concern: it may leave open-source project maintainers — whose work powers the majority of modern internet infrastructure — without access to the very capabilities they need most.
“The open-source maintainers who maintain the software the world runs on can’t wait for an invitation to a trusted access program, given that the offensive side is very likely deploying AI already.” — Stanislav Fort, Chief Scientist at Aisle
What to Watch
All eyes are now on how U.S. Government cyber leaders respond to this rapidly evolving threat landscape— and whether the Cybersecurity and Infrastructure Security Agency (CISA) or the White House will launch new initiatives to reinforce the defenses protecting America’s most critical systems.