OpenAI Flags Rising Cyber Threat as Next-Generation Models Advance

Key Takeaways

• OpenAI Risk Warning: OpenAI says its upcoming frontier models are likely to reach “high” cybersecurity risk levels, according to a report shared first with Axios.
• Rapid Capability Gains: GPT-5 scored 27% and GPT-5.1-Codex-Max reached 76% on recent capture-the-flag security tests, reflecting accelerating cyber-relevant performance.
• Autonomous Operation Factor: Extended autonomous run times are enabling persistence-based tactics like brute-force attacks, though OpenAI says such attempts remain detectable in defended environments.
• Preparedness Framework Shift: OpenAI is preparing as though each future model could reach the “high” tier, one step below the “critical” threshold that would prohibit public release.
• Industry Collaboration: The company is establishing a Frontier Risk Council and testing its Aardvark vulnerability-detection tool, which has already uncovered critical security flaws.

Deep Dive

OpenAI is cautioning that its next wave of frontier AI systems is on track to reach “high” cybersecurity risk levels, a threshold the company says would meaningfully increase the number of people capable of executing sophisticated cyberattacks. The warning comes in a new internal assessment that was shared with Axios.

The company’s latest evaluation points to a fast-moving trend where with each iteration, its models are becoming more capable of operating autonomously for longer periods—long enough to make persistence-based techniques, such as brute-force attacks, far more feasible. OpenAI says the shift is already visible in performance data. In a capture-the-flag exercise last August, GPT-5 logged a 27% score; GPT-5.1-Codex-Max, tested last month, reached 76%.

OpenAI says it is now preparing as though every upcoming model could cross the line into the “high” tier of its Preparedness Framework for cybersecurity risk. Only the “critical” level sits above it, which is the point at which OpenAI deems a model too dangerous for public release. Still, the company has not offered timing or details on when the first “high-risk” cybersecurity model might emerge or which future systems could qualify.

Fouad Matin, speaking with Axios in an exclusive interview, said the driving issue is how long the models can keep working without human intervention. That extended run time, Matin noted, enables some forms of attack that hinge on relentless trial-and-error. But it does not automatically translate into real-world success. “In any defended environment this would be caught pretty easily,” he said, pointing out that brute-force attempts remain detectable even as models get stronger.

The cybersecurity concerns mirror warnings OpenAI issued earlier in the year about potential bioweapons misuse by increasingly capable models. Just weeks after flagging that risk, the company released ChatGPT Agent in July, a system that landed in OpenAI’s “high” category under the same internal framework.

OpenAI emphasized that it is not the only lab seeing models become more adept at identifying vulnerabilities. Other leading developers are charting similar progress, prompting OpenAI to broaden its collaboration across the sector. The company highlighted its work through the Frontier Model Forum, which was launched with peer labs in 2023, as part of that effort.

To deepen its response, OpenAI plans to stand up a new Frontier Risk Council that will bring external cybersecurity specialists into regular consultation with its internal teams. The company is also privately testing Aardvark, a tool that developers can apply for access to and use to locate weaknesses in their own software. According to OpenAI, Aardvark has already surfaced several critical vulnerabilities during early trials.

As model capability accelerates, the horizon for AI-driven cyber risk is approaching faster than expected, and the industry will need to prepare accordingly.

The GRC Report is your premier destination for the latest in governance, risk, and compliance news. As your reliable source for comprehensive coverage, we ensure you stay informed and ready to navigate the dynamic landscape of GRC. Beyond being a news source, the GRC Report represents a thriving community of professionals who, like you, are dedicated to GRC excellence. Explore our insightful articles and breaking news, and actively participate in the conversation to enhance your GRC journey.