This week’s chart comes from the UK AI Security Institute’s new evaluation of OpenAI’s GPT-5.5. The y-axis shows the 32 stages of a full corporate network intrusion, from initial reconnaissance to full takeover. GPT-5.5 and Anthropic’s powerful, but controversial, unreleased model Mythos have now walked the whole path end to end, unattended, in a task AISI reckons takes a human expert twenty hours. A year ago GPT-4o topped out at step 2.
Plenty of pushback has followed Anthropic’s actions around their powerful unreleased model, most visibly from David Sacks, who in his vast wisdom thinks the cyber narrative is overcooked. We suggest it’s better to focus on the facts and the direction of travel. If scaling and code-based reinforcement learning keep compounding as they have, today’s hype will turn out to be a prescient warning that we should have heeded. Read our analysis of Mythos here.