The UK AI Security Institute (AISI) reports that AI cyber capabilities are doubling every 4.5 months. Mythos and GPT-5.5 appear limited by inference token budget rather than by inherent capability constraints.
Key facts
- AI cyber capability doubling time: 4.5 months.
- Mythos and GPT-5.5 show token-limited ability.
- No upper bound established for cyber attack effectiveness.
- Findings from the UK government's AI Security Institute (AISI).
- Reported via researcher Ethan Mollick on X.
The UK government's AI Security Institute (AISI) published findings on the rapid acceleration of AI-driven cyber capabilities. The report, shared by researcher Ethan Mollick [According to @emollick], highlights two key models: Mythos and GPT-5.5.
Both models demonstrate significant gains in cyber capability, but the critical finding is that it is difficult to establish an upper bound on their performance. The models appear limited by the number of tokens they can process during inference rather than by their underlying reasoning or strategic ability. This suggests that with more compute, specifically a larger token budget, their cyber attack effectiveness could rise further without architectural changes.
The 4.5-Month Doubling Clock
AISI's headline metric is the capability doubling time of 4.5 months for AI cyber skills. This is faster than the widely cited 18-month Moore's Law doubling for general-purpose compute, but aligns with other AI scaling trendlines such as the 3-4 month doubling of training compute seen in frontier models since 2022 [per public training compute estimates]. The finding implies that defensive cyber measures must improve at a comparable or faster rate to maintain parity.
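The arithmetic behind that comparison can be made explicit. A minimal sketch of the annualized growth factor implied by each doubling time (the function name and figures printed are illustrative, derived directly from the doubling times cited above):

```python
def annual_growth(doubling_months: float) -> float:
    """Factor by which capability multiplies over 12 months,
    given a doubling time expressed in months."""
    return 2 ** (12 / doubling_months)

# AISI's reported AI cyber doubling time
aisi_cyber = annual_growth(4.5)
# Widely cited 18-month Moore's Law doubling for comparison
moores_law = annual_growth(18)

print(f"AI cyber capability: ~{aisi_cyber:.1f}x per year")   # ~6.3x
print(f"Moore's Law compute: ~{moores_law:.1f}x per year")   # ~1.6x
```

At 4.5-month doublings, capability grows roughly 6.3x per year, versus roughly 1.6x for an 18-month doubling, which is why defenders improving on a Moore's Law cadence would fall behind quickly.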
The unique take here is that token-limited capability undermines the common argument that AI models have a "glass ceiling" on complex reasoning tasks like cybersecurity. If the only bottleneck is inference token budget, then as context windows grow and inference costs fall, these models will scale in effectiveness without requiring new training runs or architectural breakthroughs.
AISI did not disclose the specific benchmarks or test environments used to measure cyber capability, nor did it detail the evaluation protocols. The findings are preliminary and based on a limited set of models, but the trendline is stark. The doubling time extrapolates from current model performance trends, and the report implies that current defensive AI may not be keeping pace.
What to watch
Watch for AISI to release the full evaluation methodology and benchmark details. Also monitor whether OpenAI and Anthropic publish their own cyber capability evaluations for GPT-5.5 and Claude variants, which would either corroborate or challenge the 4.5-month doubling finding.