OpenAI is finalizing a cybersecurity product slated for a restricted release to select partners.

The new model, as reported by Axios, could signal growing anxiety among developers that their latest creations may be too dangerous for the public.

The shift comes as artificial intelligence (AI) capabilities reach a critical threshold in autonomous hacking and reasoning. For years, experts have warned of a day of reckoning when models could independently cripple critical infrastructure such as power grids or financial systems. According to top security leaders, that day has arrived.

AI’s leading players are now treating their software less like consumer products and more like digital weaponry. Anthropic recently set the precedent by announcing a limited rollout of its Mythos Preview model, restricting access to a handpicked group of tech and security firms to prevent the model from being weaponized by bad actors.

OpenAI follows a similar defensive blueprint. After the release of GPT-5.3-Codex — its most advanced reasoning model to date — the company quietly launched the “Trusted Access for Cyber” pilot program. This initiative provides vetted organizations with permissive, high-capability models designed specifically to accelerate defensive research. To sweeten the deal and bolster global resilience, OpenAI committed $10 million in API credits to participants.

Despite these walled garden approaches, many experts argue the genie is already out of the bottle.

Wendi Whitmore, chief security intelligence officer at Palo Alto Networks Inc., warns that similar capabilities will inevitably leak or be replicated in open-source models within weeks.

Meanwhile, Rob T. Lee of the SANS Institute notes that the ability to find flaws in aging codebases is a fundamental feature of modern LLMs that cannot be easily “unlearned.”

The current strategy mirrors the decades-old practice of responsible disclosure in the cybersecurity world, giving defenders a head start before the vulnerabilities become public knowledge.

While OpenAI prepares this specialized cyber tool, the industry remains focused on its next flagship model, codenamed “Spud.” It remains unclear whether Spud will carry the same destructive potential or if it will be subject to the same strict gatekeeping. For now, the move fast and break things mantra of Silicon Valley has been replaced by a much more cautious directive: move fast, but lock the doors.

April 9, 2026April 9, 2026 Jon Swartz Anthropic, api, Autonomous Hacking, GPT-5.3-Codex, LLMs, Mythos, OpenAI, Palo Alto Networks, SANS Institute, Silicon Valley, Spud