Frontier AI Models Are Taking On More Cybersecurity Tasks
Artificial intelligence systems are rapidly improving at handling certain cybersecurity tasks once reserved for human specialists, according to new findings from the UK’s AI Security Institute.
Researchers at the institute say the latest generation of large language models (LLMs) can now complete increasingly complex cyber operations autonomously and at a pace that is accelerating far more quickly than earlier forecasts suggested.
The organisation measures this progress using what it calls a “time window benchmark for cybersecurity”. The benchmark estimates how much work an AI model can complete compared with a human cybersecurity professional under controlled conditions.
Using that method, the institute found that Anthropic’s Claude Sonnet 4.5 can complete tasks equivalent to around 16 minutes of expert human work roughly 80 per cent of the time when operating within a budget of 2.5 million tokens.
More significantly, the length and complexity of tasks AI systems can complete appears to be growing rapidly.
Progress Rate Has Accelerated Since Late 2024
Earlier this year, researchers estimated that the amount of cybersecurity work frontier AI models could handle was doubling every 4.7 months. That estimate itself had already been revised down from an earlier eight-month projection made in November 2025.
However, the release of Anthropic Mythos Preview and OpenAI GPT-5.5 has forced researchers to shorten that timeline again.
In a statement published on Wednesday, the institute said the newest models had “significantly outperformed” previous expectations.
While the institute did not publish a precise revised figure, it pointed to comparable research from the non-profit AI research organisation METR, which has been tracking broader software engineering capabilities.
Software Engineering Benchmarks Show Similar Trend
According to METR’s findings, the amount of software work AI systems can autonomously complete has been doubling approximately every 4.2 months since late 2024.
Researchers added that the latest Mythos Preview checkpoint appears to be pushing that figure closer to four months.
The institute stressed that these measurements should not be interpreted as evidence that AI systems are becoming universally “twice as capable” across all domains. Instead, the benchmark focuses narrowly on how long specific cybersecurity tasks would typically take a human expert to complete.
AI Models Are Handling More Complex Simulated Attacks
The latest tests involved simulated corporate and industrial cyberattack scenarios designed to measure how effectively AI systems can plan and execute multi-stage operations.
One challenge, known as “The Last Ones”, involved a 32-step simulated corporate network attack. The newest Mythos Preview model successfully completed the scenario in six out of 10 attempts.
Researchers also reported progress on a previously unsolved industrial control systems challenge called “Cooling Tower”, a seven-step attack simulation. The model completed that task in three out of 10 attempts.
For comparison, Anthropic’s earlier Opus 4.6 model, tested in February 2026, managed to complete a maximum of 22 out of the 32 steps required in “The Last Ones”.
That earlier model reached a stage involving reverse-engineering a Windows service binary, extracting encrypted credentials, escalating privileges through token impersonation and recovering cryptographic keys to access a command-and-control system.
Researchers Warn Against Overstating Real-World Impact
Despite the rapid pace of progress, researchers cautioned against assuming that strong benchmark performance automatically translates into successful attacks on real-world systems.
The institute noted that modern enterprise networks contain defensive layers, monitoring systems and operational complexities that are difficult to reproduce in controlled testing environments.
“Frontier AI’s autonomous cyber and software capability is advancing quickly,” the institute concluded. “The length of cyber tasks that frontier models can complete autonomously has doubled on the order of months, not years.”
However, it added that the data does not reveal how quickly progress will continue, when specific capability thresholds may be reached, or how effectively these systems would operate against defended infrastructure in practice.
Real-World Evidence Remains Mixed
One practical example cited by researchers involved the widely used curl software project.
According to the report, Mythos identified only a single confirmed vulnerability within the project’s codebase. That result suggests that while AI systems are becoming more capable in structured testing environments, their effectiveness in real-world software auditing remains uneven.
The findings are likely to intensify debate within the UK technology and security sectors about how governments, regulators and businesses should prepare for increasingly capable autonomous AI systems.
With AI firms continuing to release more advanced reasoning models at a rapid pace, cybersecurity professionals may soon find themselves working alongside systems capable of independently completing larger portions of defensive — and potentially offensive — security work.

Thomas Hardy is a contributor to OE Mag, covering news, politics, business, technology, sport, entertainment, and lifestyle. He focuses on clear, accurate reporting and useful information that helps readers stay informed about current affairs and developments that matter to them. His work highlights relevant stories, emerging trends, and key issues, presenting them in a balanced, accessible, and reader-friendly way.
