Recent evaluations of OpenAI’s GPT-5.5 by the AI Security Institute (AISI) have revealed alarming findings about its capability to conduct sophisticated cyberattacks. The new model successfully completed a challenging 32-step corporate network attack simulation in 20% of attempts, raising serious concerns about the risks advanced AI poses to cybersecurity.
The simulation, known as “The Last Ones” and conducted in collaboration with cybersecurity firm SpecterOps, showcased GPT-5.5’s proficiency: the model solved a complex reverse-engineering puzzle in just over ten minutes, a task that took a human expert twelve hours. AISI’s assessment found that GPT-5.5 achieved a 71.4% pass rate on the most challenging “Expert” tier, outperforming Anthropic’s Claude Mythos, at 68.6%, and the previous model, GPT-5.4, at 52.4%.
Despite these impressive results, the report also highlighted a significant vulnerability: GPT-5.5’s safety measures could be bypassed, allowing the model to generate harmful content. The flaw emerged during a six-hour red-teaming session and prompted OpenAI to revise its safety protocols, though a configuration issue prevented AISI from confirming the effectiveness of the updates. The findings arrive as the U.K. government’s Cyber Security Breaches Survey reports that 43% of businesses experienced a cyber breach in the past year.