AI ‘Scary Good’ at Hacking: OpenAI and Anthropic Warn of Major Cyberattack Risk by 2026
As next-generation AI models gain the ability to breach sophisticated networks with “wild sophistication,” government officials and tech developers are raising urgent alarms about the potential for large-scale cyberattacks as early as this year.
OpenAI and Anthropic are preparing to release next-generation artificial intelligence systems that are “scary good” at hacking complex systems, raising alarms among senior AI developers and government officials about an imminent wave of large-scale cyberattacks.
According to a report by Axios, the upcoming models are capable of breaching sophisticated networks at scale. In his weekly newsletter, Axios CEO Jim VandeHei cited a source who warned that a major attack leveraging these technologies could happen as early as this year, with businesses being the most vulnerable targets.
A central point of concern is Anthropic’s unreleased model, codenamed “Mythos.” The company has privately warned government officials that the system could dramatically increase the likelihood of large-scale cyberattacks by 2026. The model is designed to power autonomous agents capable of operating with extreme precision inside corporate, government, and municipal networks.
Details from an unpublished Anthropic blog post, accessed by Fortune, underscore the gravity of the threat. The post stated that the model is “currently far ahead of any other AI model in cyber capabilities,” adding that it “presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders.”
The warnings come as companies face a new internal risk: employees using AI agents without proper oversight. These tools can accidentally connect to sensitive systems, creating vulnerabilities for attackers. The widespread use of tools like Anthropic’s Claude and Microsoft Copilot is increasing exposure, as employees often deploy them outside controlled environments, sometimes linking them to workplace systems without realizing the security implications.
The cybersecurity community is taking the threat seriously. A Dark Reading poll found that 48 percent of cybersecurity professionals rank agentic AI as the top attack vector for 2026, ahead of all other emerging threats.
Real-world incidents have already demonstrated the potential for misuse. Earlier this year, a hacker used Claude to carry out cyberattacks on Mexican government agencies, according to Bloomberg. The attacks resulted in the theft of a large amount of sensitive data, including tax records and voter information.
Last year, Anthropic disclosed a cyberattack by a Chinese state-sponsored group that used AI agents to target around 30 organizations globally. The AI reportedly handled 80-90 percent of the tactical operations on its own. The hackers first “jailbroke” the system to bypass safety controls, then used it to identify targets, scan systems, find vulnerabilities, generate exploit code, ste
About The Author
