Five Eyes warns AI could outpace cyberdefenses within months

The Five Eyes intelligence alliance warned Monday that the most advanced artificial intelligence systems could overtake current cybersecurity assumptions within months, urging governments and businesses to prepare for faster, more complex attacks.

In a joint advisory, security agencies from the United States, Britain, Canada, Australia and New Zealand said frontier AI models are changing the cyber landscape quickly and could give attackers capabilities that defenders are not yet ready to manage.

“The rapid pace of frontier AI development means cyber risk assumptions can become outdated in months, not years,” the agencies said, according to CBS News.

Al Jazeera reported that the three-page statement described the shift in even broader terms: “Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities.” The statement added: “The timeline is not years, it is months.”

The warning comes as officials intensify scrutiny of powerful AI models that may be able to identify software flaws and help execute complex cyberattacks. CBS News reported that the issue has gained urgency since Anthropic said in April that its advanced Mythos models had unprecedented abilities to find software vulnerabilities.

The Five Eyes advisory said AI “lowers barriers for malicious actors and increases the speed and complexity of attacks.” Officials warned that organizations should expect some intrusions to succeed and focus on limiting the damage.

“Breaches will occur,” the advisory said. “Preparedness helps you contain them quickly and prevent escalation into major operational and financial crises.”

The agencies urged organizations to use AI in their own security operations, including to identify weaknesses sooner and respond faster to incidents. They also recommended basic cybersecurity measures such as swiftly patching faulty software, updating older systems, limiting access to critical systems and avoiding putting systems online unless necessary.

The statement was light on technical detail, Al Jazeera reported, and largely reinforced long-standing cybersecurity guidance. But the agencies said the pace of AI development has made those practices more urgent.

The advisory follows recent action involving Anthropic’s models. CBS News reported that Anthropic suspended access this month to Mythos 5 and a restricted version called Fable 5 to comply with a U.S. national security order. Just days after publicly launching Fable 5, the company said it had received a government directive banning all foreign nationals from accessing the two models.

Al Jazeera reported that the U.S. government ordered Anthropic to suspend access for foreign nationals over alleged national security concerns.

The warning also referred to a broader set of emerging tools. Al Jazeera reported that officials are increasingly concerned about models such as Anthropic’s Mythos and OpenAI’s GPT-5.5-Cyber, which are said to allow users to quickly carry out complex and potentially damaging hacks.

Around the same time, the U.S. Cybersecurity and Infrastructure Security Agency, which co-signed Monday’s statement, shortened the deadlines for federal officials to address serious digital vulnerabilities in their networks to three days, citing AI threats, Al Jazeera reported.

CBS News reported that the Anthropic intervention is striking because the White House has otherwise pushed to loosen AI oversight, including moving to block states from writing their own rules.