OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams

OpenAI Launches GPT-5.4-Cyber with Expanded Access for Security Teams Ravie LakshmananApr 15, 2026Vulnerability / Secure Coding OpenAI on Tuesday unveiled GPT-5.4-Cyber, a variant of its latest flagship model, GPT‑5.4, that's specifically optimized for defensive cybersecurity use cases, days after rival Anthropic unveiled its own frontier model, Mythos. "The progressive use of AI accelerates defenders – those responsible for keeping systems, data, and users safe – enabling them to find and fix problems faster in the digital infrastructure everyone relies on," OpenAI said. In conjunction with the announcement, the artificial intelligence (AI) company said it's ramping up its Trusted Access for Cyber (TAC) program to thousands of authenticated individual defenders and hundreds of teams responsible for securing critical software. AI systems are inherently dual-use, as bad actors can repurpose technologies developed for legitimate applications to their own advantage and achieve malicious goals. One core area of concern is that adversaries could invert the models fine-tuned for software defense to detect and exploit vulnerabilities in widely-used software before they can be patched, exposing users to significant risks. OpenAI said the goal is to democratize access to its models while minimizing such misuse, as well as strengthening its safeguards through a deliberate, iterative rollout. The idea is to enable responsible use at scale, give defenders a head start, and simultaneously shore up guardrails against jailbreaks and adversarial prompt injections as model capabilities become more advanced. "As model capabilities advance, our approach is to scale cyber defense in lockstep: broadening access for legitimate defenders while continuing to strengthen safeguards," the company added. The ChatGPT maker, which launched Codex Security as a way to find, validate, and propose fixes for vulnerabilities, revealed that the AI-powered application security agent has contributed to over 3,000 critical and high fixed vulnerabilities. OpenAI's limited release follows the preview of Anthropic's Mythos, a frontier model that's being deployed in a controlled manner as part of Project Glasswing. The model, the company said, found "thousands" of vulnerabilities in operating systems, web browsers, and other software. "The strongest ecosystem is one that continuously identifies, validates, and fixes security issues as software is written," OpenAI said. "By integrating advanced coding models and agentic capabilities into developer workflows, we can give developers immediate, actionable feedback while they are building, shifting security from episodic audits and static bug inventories to ongoing, tangible risk reduction." Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post. SHARE     Tweet Share Share SHARE  Anthropic, Application Security, artificial intelligence, cybersecurity, OpenAI, secure coding, software development, Threat Intelligence, Vulnerability Trending News ⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More Block the Prompt, Not the Work: The End of "Doctor No" Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit BKA Identifies REvil Leaders Behind 130 German Ransomware Attacks Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass New GPUBreach Attack Enables Full CPU Privilege Escalation via GDDR6 Bit-Flips Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems The AI Arms Race – Why Unified Exposure Management Is Becoming a Boardroom Priority Docker CVE-2026-34040 Lets Attackers Bypass Authorization and Gain Host Access Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS AI Will Change Cybersecurity. Humans Will Define Its Success. A Lesson No Algorithm Can Teach China-Linked Storm-1175 Exploits Zero-Days to Rapidly Deploy Medusa Ransomware New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released Load More ▼ Popular Resources Get Full Visibility into Vendor and Internal Risk in One Platform [Guide] Get Practical Steps to Govern AI Agents with Runtime Controls Secure Your AI Systems Across the Full Lifecycle of Risks Learn How to Block Breached Passwords in Active Directory Before Attacks