EU intensifies U.S. talks on cyber AI models
The European Commission intends to "intensify" discussions with the U.S. administration on the most advanced AI models, including those with cyber capabilities, a Commission spokesperson told CNBC on May 29, 2026. CNBC reports that Anthropic's Mythos model, announced in April, has prompted concerns about AI-enabled cyberattacks and that Anthropic rolled out the model to a limited preview called Project Glasswing. The Wall Street Journal reported that the White House opposed Anthropic's proposal to expand Mythos access to roughly 70 additional organisations. CNBC also reports that the White House says it is working closely with AI labs to balance innovation and safety, and that OpenAI has offered the EU access to GPT-5.5-Cyber under a limited preview.
What happened
CNBC reported on May 29, 2026 that the European Commission intends to "intensify" talks with the U.S. administration about the most advanced AI models, explicitly including models with "cyber capabilities," according to a Commission spokesperson. CNBC reported that Anthropic announced the model Mythos in April and rolled it out to a select group of companies and organisations under an initiative CNBC named as Project Glasswing. The Wall Street Journal, cited by CNBC, reported that the White House opposed Anthropic's proposal to broaden preview access to roughly 70 additional companies and organisations. CNBC also reported that the White House is engaging with AI labs to try to strike "a balance between innovation and safety."
Technical details
Editorial analysis - technical context
Public reporting describes Mythos and GPT-5.5-Cyber as specialised variants of large language models with capabilities framed by sources as relevant to cybersecurity assessments and red-teaming. These descriptions in the reporting focus on models being provided in limited-preview modes to vetted cybersecurity teams or partners rather than on fully general commercial release. Reporting notes preview programs such as Project Glasswing for Mythos and OpenAI's limited preview for GPT-5.5-Cyber rather than technical specifications or benchmarked performance metrics.
Context and significance
What to watch
Editorial analysis
Cross-border access to powerful models with cyber use-cases raises regulatory and operational frictions that span national security, export control, and incident response coordination. Public reporting shows the EU seeking closer coordination with the U.S. while noting differing access timelines across vendors, which complicates shared evaluation and oversight. For practitioners, differences in preview access and vendor engagement affect who can participate in scanning, red-teaming, and building mitigations across jurisdictions.
Observers should track whether the EU and U.S. agree on mechanisms for secure model review, such as joint vetted-access programs, standardized disclosure processes, or shared threat-assessment playbooks. Also watch vendor-level responses: whether providers extend previews to additional regulators or security bodies, and whether named incidents or classified risk assessments prompt coordinated guidance. Finally, monitor reporting that cites named officials or documents for any formal agreements or procedural frameworks emerging from U.S.-EU talks.
Reporting notes
- •Attributed sources in this summary are CNBC and, where CNBC cited it, the Wall Street Journal.
- •CNBC quoted Commission spokesperson Thomas Regnier and referenced exchanges between the EU and OpenAI around access to GPT-5.5-Cyber.
Key Points
- 1EU officials told CNBC they will "intensify" talks with the U.S. on advanced AI models, highlighting cross-border coordination needs.
- 2Anthropic's Mythos release in April and limited Project Glasswing previews prompted government concern, per CNBC and the Wall Street Journal.
- 3OpenAI offered the EU limited access to GPT-5.5-Cyber, illustrating divergent vendor engagement practices that affect regulator review timelines.
Scoring Rationale
Cross-border coordination on AI models with cyber-relevant capabilities affects regulators, security teams, and vendors. The story is notable for its policy implications and for differences in vendor access that matter to red-teamers and security practitioners.
Sources
Primary source and supporting public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems

