OpenAI has announced new layers of cybersecurity controls after internal tests showed that its upcoming frontier AI models have reached “high” levels of cyber-capability. The company said the models are now capable of performing advanced tasks such as vulnerability discovery, exploit development and malware generation, raising the risk of misuse if the systems fall into the wrong hands.

In a detailed update published on December 10, 2025, OpenAI said it is intensifying its cybersecurity efforts to keep pace with the rising technical abilities of its models. “We’re investing in strengthening them, layering in safeguards, and partnering with global security experts,” the company said.

According to the company, internal testing showed that performance on cybersecurity tasks, measured through capture-the-flag (CTF) challenges, jumped from 27% in GPT-5 (August 2025) to 76% in GPT-5.1-Codex-Max (November 2025).

These gains mean future models may soon reach what OpenAI classifies as high levels of cybersecurity capability. Under the company’s Preparedness Framework, this includes the ability to develop working zero-day exploits or assist in stealthy, real-world intrusion operations. In response, OpenAI says it is building multiple layers of safeguards to ensure such capabilities help defenders more than attackers.

Growing Misuse of AI for Malware Creation

The rising concern around AI-enabled cyberattacks is not theoretical. Security firms have reported that hackers are already using tools like ChatGPT to write and refine malicious code. A November 2024 analysis by DOT Security noted that threat actors were using AI to generate obfuscated malware, craft more convincing phishing emails, and automate large volumes of attack code. Their researchers found that AI could also tailor malware to specific systems by analysing logs and configuration files, making traditional antivirus tools less effective.

This earlier wave of AI misuse shows why frontier-level models with stronger cyber capabilities require strict safeguards, controlled access, and constant monitoring.

Earlier Evidence of AI Misuse in Live Cyberattacks

Last month, researchers at Google’s Threat Intelligence Group reported that threat actors were already using AI tools, including Gemini and open-source models, to build malware that rewrites its own code during execution to evade detection. Their investigation documented malware families like PROMPTFLUX and PROMPTSTEAL using LLMs for obfuscation, reconnaissance, data theft, and phishing. 

The report also showed state-backed groups from China, Iran, and North Korea manipulating AI systems with social-engineering prompts to bypass safeguards. These incidents demonstrated how AI can become an active component inside malware, underscoring why frontier models with rising cyber capabilities require tighter oversight and controlled access.

Multiple Layers of Protection Against AI Misuse

OpenAI is…



Last Update: December 11, 2025