The Indian Computer Emergency Response Team (CERT-In) has issued a significant advisory regarding the evolving risks associated with next-generation AI systems, including Mythos by Anthropic and GPT-5.5 by OpenAI. These systems possess capabilities that could greatly enhance cyber threats, prompting the government to address concerns about their potential dual-use in both productivity and offensive cyber operations.
CERT-In highlighted the ability of these advanced AI technologies to autonomously detect vulnerabilities in commonly used software, enabling them to orchestrate complex cyberattacks at unprecedented speeds. The advisory specifically notes alarming features such as the rapid identification of zero-day vulnerabilities, sophisticated credential harvesting, and the potential for AI-driven phishing campaigns.
The report warns organizations of an increased risk environment characterized by low-cost automated attacks, leading to possible unauthorized access, financial fraud, and extensive service disruptions. In light of these threats, CERT-In has recommended that businesses adopt an “elevated alert” status, enhance their threat detection capabilities, and implement AI-enabled defensive measures. Transitioning to zero trust security frameworks, along with strengthening password protocols and training security personnel on AI-enhanced attack strategies, are critical steps suggested to mitigate these emerging risks.