10 Key Insights on AI Cyberattack Capabilities: Mythos Preview Sets New Benchmark

In a groundbreaking development for AI security, the AI Security Institute (AISI) has revealed that its newest model, Mythos Preview, is the first to successfully complete both of its rigorous cyberattack simulation ranges. This achievement comes as a stark contrast to the performance of GPT-5.5, which managed to solve only one of the two challenges. As we delve into the implications, here are ten essential things you need to know about this milestone and what it means for the future of AI safety.

1. What Are AISI's Cyber Ranges?

AISI's cyber ranges are sophisticated testing environments designed to measure an AI model's ability to carry out cyberattacks autonomously. These ranges simulate real-world network infiltration scenarios, requiring the model to identify vulnerabilities, execute exploits, and maintain persistence without human intervention. Completing both ranges indicates a model can handle complex, multi-stage attacks that mimic those used by advanced persistent threats.

10 Key Insights on AI Cyberattack Capabilities: Mythos Preview Sets New Benchmark

2. Mythos Preview: The First to Conquer Both Ranges

Mythos Preview has achieved a historic first by successfully navigating and completing both cyber ranges. This demonstrates not only advanced reasoning and planning capabilities but also a high degree of resilience against defensive countermeasures. The model's success suggests that AI-driven cyberattacks are evolving faster than previously anticipated, raising urgent questions about defense preparedness.

3. GPT-5.5's Partial Success: Only One Range Solved

In contrast, GPT-5.5 managed to complete only one of the two ranges, falling short on the second. While still a formidable model, its inability to handle the full spectrum of attacks highlights the gap between current generation models and the next leap in capability. This disparity underscores the need for continuous testing and benchmarking as AI advances.

4. The Exponential Growth of AI Cyber Task Capability

In February 2026, AISI internally estimated that the length of cyber tasks AI models could complete had doubled every 4.7 months since late 2024. This rapid acceleration far outpaces Moore's Law and signals that AI's offensive cyber capabilities are on an exponential trajectory, potentially outstripping defensive innovations.

5. Implications for AI Safety and Regulation

The success of Mythos Preview intensifies debates around AI safety. If models can autonomously execute sophisticated cyberattacks, the risk of misuse by malicious actors grows. This has prompted calls for stricter regulations, including mandatory safety evaluations before deployment and international agreements to limit the development of autonomous cyber weapons.

6. How the Cyber Ranges Measure Attack Capabilities

The ranges consist of multiple stages: reconnaissance, weaponization, delivery, exploitation, installation, command and control, and actions on objectives. Each stage is scored for completeness, stealth, and efficiency. A model must pass all stages in both ranges to be considered fully successful. Mythos Preview achieved near-perfect scores, while GPT-5.5 stumbled at the exploitation phase in the second range.

7. Comparison with Previous Generations

Earlier models, such as GPT-4 and GPT-5, failed to complete even a single range. The leap from partial to full completion marks a significant milestone. AISI's data shows that the mean time to complete a range has dropped from weeks to mere hours in the latest models, underscoring the pace of improvement.

8. What This Means for Cybersecurity Defenses

As AI attack capabilities grow, traditional cybersecurity measures may become obsolete. The findings suggest that organizations must adopt AI-driven defensive tools capable of real-time threat detection and automated response. The window between vulnerability discovery and exploitation is shrinking, making proactive defense essential.

9. Future Projections: The Road Ahead

If the current doubling trend continues, experts predict that by late 2027, AI models could complete cyber tasks equivalent to those requiring human expert teams weeks to execute. This could democratize cyberattack capabilities, lowering the barrier for entry for nation-states and non-state actors alike. AISI is already developing a third, more complex range to stay ahead.

10. The Broader Impact on AI Research

This achievement is not just about cyberattacks; it reflects a general advancement in AI reasoning, planning, and adaptability. The techniques used by Mythos Preview may have applications in other domains, such as penetration testing and vulnerability research. However, the dual-use nature of such technology demands careful oversight to prevent misuse while encouraging beneficial applications.

In conclusion, the success of Mythos Preview in AISI's cyber ranges marks a pivotal moment in the evolution of AI capabilities. It highlights both the immense potential and the serious risks of advanced AI models. As we move forward, transparent benchmarking, robust regulation, and international collaboration will be crucial to harness these technologies safely. The race between offensive and defensive AI is on, and the stakes have never been higher.