"Frontier Al models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities," the Five Eyes intelligence agencies warned, adding a tight deadline: "The timeline is not years, it is months."
Five Eyes warning: months, not years
The intelligence agencies of the United States, Canada, the United Kingdom, Australia and New Zealand issued a joint statement saying advanced AI models able to "wreak havoc in the cyber domain" are expected to become broadly available to the public “within the year.” The advisory carried signatures from the NSA’s Director of the Cybersecurity Directorate David Imbordino and acting CISA Director Nick Andersen. The statement does not specifically cite secret or classified sources or methods to reach this conclusion, but aligns with public warnings from cybersecurity and AI experts.
Named frontier models and recent controls: Anthropic’s Fable 5, Mythos, and OpenAI’s Daybreak
The agencies cited frontier models such as Anthropic’s Fable 5 and OpenAI’s Daybreak as examples of systems whose capabilities could reshape offensive and defensive cyber operations. The advisory noted that, despite efforts by AI companies to withhold or restrict access, frontier-model capabilities are likely to spread quickly. It observed that the capabilities described in an Amazon threat intelligence report — the same report that convinced the Trump administration to place export controls on Fable 5 — could already be achieved through older models like Claude Opus and Claude Sonnet and through open-source Chinese models.
The statement records that Anthropic shut down access to their Fable 5 and Mythos 5 models as a result of those export controls; Anthropic released a statement saying they believe the White House decision was a “misunderstanding,” and the dispute "remains resolved" according to the agencies’ account. The advisory also notes reports that newer models like Mythos are “significantly more powerful for cybersecurity-related tasks,” and underscores a central dynamic: "the rapid pace of frontier AI development means cyber risk assumptions can become outdated in months, not years."
Technical vulnerabilities the agencies say AI will exploit
The Five Eyes statement singles out familiar but persistent problems as the most attractive targets for AI-augmented attackers. It lists:
- legacy systems
- sluggish patching loops
- unnecessary internet connectivity
- weak identity and access controls
- a lack of pre-incident planning by organizations
The agencies note that AI models capable of exploiting cybersecurity weaknesses are already available today through multiple channels: older commercial models, open-source versions, and foreign and black-market sources. The rapid diffusion of capabilities, they argue, increases the urgency of addressing these basic weaknesses now.
Defensive programs: Anthropic’s and OpenAI’s efforts to help defenders
The statement highlights defensive programs that pair frontier AI development with security goals. It cites Anthropic’s Project Glasswing and OpenAI’s Trusted Access for Cyber Program as examples of initiatives that provide AI systems to organizations for cyberdefense, with the explicit aim of giving defenders "a head start in finding and fixing vulnerabilities before AI systems can exploit them routinely in the coming years."
What this means for technologists, policymakers, and enterprises
- Technologists and security teams: The agencies' guidance is blunt — practical cyber hygiene matters more than ever. "Success will come from getting the basics right, acting quickly, and integrating cyber security into core business strategy," they wrote; immediate focus on patching, reducing unnecessary exposure, and strengthening identity and access controls is implied.
- Policymakers and regulators: Export controls and restricted access have been used — the advisory references the export controls that followed the Amazon report — but the agencies warn those measures may be outpaced by rapid model proliferation. "We must act before and be prepared to adapt and withstand evolving threats," they wrote, underlining that policy assumptions can become dated in months, not years.
- Enterprises and procurement leaders: Because older and open-source models can already perform advanced tasks, organizations cannot rely on the frontier providers alone for defense. The agencies caution that firms "that do not" integrate cybersecurity into core strategy "will face growing operational and strategic disadvantage."
The Five Eyes advisory is straightforward in its prescription and stark in its timeline: frontier-capable cyber tools are close at hand, and familiar failures of maintenance, access control and planning are the most likely avenues of exploitation. Whether defensive programs and policy controls can keep pace with a field where "yesterday’s restricted frontier AI is tomorrow’s free, open-source AI" is the question the agencies have placed in plain terms on the table.
