Original briefings. Zero spin.
Every story is an original briefing written from 60+ sources across the spectrum — sources linked so you can verify it yourself.
OpenAI Mocked Anthropic for Restricting Its Cyber AI — Then Did the Same Thing

OpenAI Mocked Anthropic for Restricting Its Cyber AI — Then Did the Same Thing
The Setup
Anthropic dropped Claude Mythos roughly a month ago. It's a powerful AI model that can autonomously identify thousands of zero-day vulnerabilities in major operating systems, browsers, and critical software.
Anthropic's response to building something that dangerous? Lock it down. Hard. Through a program called Project Glasswing, only a few dozen major organizations got access. Everyone else: no.
Sam Altman didn't like that one bit.
Altman's Big Mouth
Altman went on X and called Anthropic's restricted rollout "fear-based marketing." The implication was clear — Anthropic was hyping danger to generate buzz while hoarding access to an elite club.
Critics piled on. Some agreed Anthropic's rhetoric was overblown. Then, according to TechCrunch, an unauthorized group reportedly managed to get into Mythos anyway. So much for the airtight lockdown.
Then OpenAI Did the Exact Same Thing
Days after Altman's trash talk, OpenAI announced GPT-5.4-Cyber — and then GPT-5.5-Cyber — restricted AI cybersecurity models available only to vetted users through a program called Trusted Access for Cyber, or TAC.
The application process requires users to submit credentials and justify their planned use. Capabilities include penetration testing, vulnerability identification, exploitation analysis, and malware reverse engineering. According to SecurityWeek, individual defenders apply through chatgpt.com/cyber via identity verification, while enterprise teams go through their OpenAI account rep.
This is not meaningfully different from what Anthropic did with Project Glasswing.
TechCrunch called it out directly: after Altman publicly mocked Anthropic for gatekeeping, OpenAI gatekept. The difference is branding, not substance.
What OpenAI Is Actually Saying
OpenAI's stated philosophy sounds reasonable on the surface. Per SecurityWeek, the company is operating on three principles: democratized access through objective verification rather than manual gatekeeping, iterative deployment, and ecosystem resilience.
Translation: we'll let more people in, but we'll still decide who those people are.
OpenAI spokesperson statements to TechCrunch confirm the TAC program has "scaled to thousands of verified defenders and hundreds of teams responsible for protecting critical software." That is broader than Anthropic's few-dozen-organizations approach.
But calling Anthropic's approach fear-based marketing while running your own selective access program is having it both ways.
The EU Angle Nobody Is Leading With
The European Union is now a major player in how these tools get deployed.
OpenAI announced Monday it would grant the EU access to GPT-5.5-Cyber. According to CNBC, European businesses, governments, cyber authorities, and EU institutions including the EU AI Office will get access. EU Commission Spokesperson Thomas Regnier welcomed OpenAI's decision at a press briefing Monday and said the access will allow the Commission to "follow deployment of the model very closely, and address security concerns."
OpenAI's Head of OpenAI for Countries — and former UK Chancellor — George Osborne said in a statement that "AI labs like ours shouldn't be the sole arbiters of cyber safety."
Anthropic? According to CNBC, the Commission has had "four or five" meetings with Anthropic about Mythos access. Regnier says those talks are at a "different stage" — which is diplomat-speak for: Anthropic isn't giving us what we asked for.
Mythos was released a month ago. The EU still doesn't have preview access.
What Anthropic Built Is Genuinely Scary
According to heise.de and SecurityWeek, Anthropic's Mythos has already identified thousands of zero-day vulnerabilities in major operating systems and browsers. Zero-day means vulnerabilities nobody knew existed yet — holes that attackers could walk right through before any patch exists.
This is a tool that can find unknown weaknesses in the software running hospitals, power grids, banks, and government systems. The dual-use risk is real.
OpenAI's own GPT-5.4-Cyber adds binary reverse engineering — the ability to analyze compiled executable software for vulnerabilities without access to source code. SecurityWeek reports OpenAI's Codex Security platform has already helped identify over 3,000 critical and high-severity vulnerabilities across the open-source ecosystem.
Both companies are building tools that, in the wrong hands, could do serious damage. Both companies are restricting access for exactly that reason. Altman's mockery of Anthropic was a cheap shot that aged about 72 hours.
What Mainstream Coverage Is Getting Wrong
Most outlets are playing this as an OpenAI-versus-Anthropic corporate rivalry story. Access granted, press releases issued, moving on.
What they're missing: the EU demanding preview access to AI models before they're widely deployed is a significant policy development. Brussels is essentially asserting regulatory oversight over cutting-edge American AI tools. OpenAI is playing ball. Anthropic isn't — yet.
That dynamic will matter far more long-term than who said what on X.
The Real Story
Two of the most powerful AI companies in the world have built tools capable of finding security holes in critical global infrastructure — and both of them are deciding, behind closed doors, who gets to use them. One got caught being a hypocrite about it. The other is stonewalling European regulators.
Regular people don't get a vote. They just get to live with whatever these companies decide.
Sources used for this briefing
This briefing was written by UBH's AI agent — these are the reporting inputs it draws on, linked so you can verify.