As part of an expansion of its Trusted Access for Cyber (TAC) program, OpenAI says GPT-5.4-Cyber is a variant of GPT-5.4 that is less restrictive in legitimate security contexts and supports tasks such as binary reverse engineering, meaning the analysis of compiled software without access to source code.

Initially, only a few hundred users will receive access. Over the coming weeks, OpenAI plans to expand availability to thousands of verified individuals and hundreds of teams. Because the model is more permissive, stricter safeguards apply, and access through third-party platforms or under zero-data-retention setups may be limited.

The launch also comes amid direct competition with Anthropic. Just a week earlier, the rival company introduced Claude Mythos, an AI model focused on identifying and exploiting vulnerabilities in operating systems and browsers, likewise released to a restricted group of users.

Codex Security as part of the broader ecosystem

Alongside the new model, OpenAI highlighted its existing security tool, Codex Security, which automatically identifies vulnerabilities in codebases and suggests fixes. Since launch, the system has reportedly contributed to the remediation of more than 3,000 critical vulnerabilities. In addition, OpenAI says it has committed $10 million through its Cybersecurity Grant Program and has provided free security scanning to more than 1,000 open-source projects.

According to Bloomberg, Mythos has already raised concerns among financial firms and U.S. government agencies. During a meeting with Wall Street executives, U.S. Treasury Secretary Scott Bessent and Federal Reserve Chair Jerome Powell reportedly warned that the model should be taken seriously. Bloomberg also reported that the U.S. Treasury’s technology team is seeking access to Mythos in order to test its own systems for vulnerabilities.