Five Eyes Warns AI Could Threaten Governments, Businesses

Cybersecurity agencies from the Five Eyes alliance (the intelligence partnership comprising the United States, United Kingdom, Canada, Australia, and New Zealand) issued a rare joint statement warning that frontier AI models are expected to transform offensive cyber capabilities in months, not years. The joint statement, signed by NSA's Director of the Cybersecurity Directorate David Imbordino and acting CISA Director Nick Andersen, explicitly names Anthropic's Fable 5 and OpenAI's Daybreak as the class of models driving the warning (CyberScoop). The statement reads: "Frontier AI models are anticipated to exceed current industry expectations, fundamentally transforming both offensive and defensive cyber capabilities. The timeline is not years, it is months" (CyberScoop; The Guardian). The Guardian frames the warning as unusually urgent for an intelligence partnership of this kind.

The statement flags several categories of attacker capability that AI is expected to accelerate: automated vulnerability discovery, large-scale synthetic social engineering, faster exploit development, and automated malware generation. The agencies identify legacy systems, slow patching cycles, unnecessary internet connectivity, weak identity controls, and absent pre-incident planning as the primary vectors AI will exploit. CyberScoop notes that many of the underlying concerns mirror what public cybersecurity researchers have raised for the past year, and that AI models capable of exploiting security weaknesses are already available through older commercial models, open-source releases, and foreign or black-market sources.

The Five Eyes joint warning elevates frontier AI cyber risk from academic and product-level discourse to a coordinated national-security concern involving the highest levels of signals intelligence agencies in five allied nations. The statement's explicit naming of specific models by vendor - and the involvement of NSA and CISA directors as signatories - signals that intelligence partners view the trajectory of model capability development as compressing timelines for sophisticated offensive cyber operations. The cross-border coordination also implies that policy responses and defensive tooling timelines are expected to lag capability advances.

follow-up guidance or mitigation playbooks from national CERTs and Five Eyes member agencies; technical disclosures and API restriction updates from major model providers about guardrail and safety testing results; and emergent open-source tooling that automates vulnerability discovery or attacker operational tasks. The agencies recommend stopping treating digital security as a compliance afterthought: "Success will come from getting the basics right, acting quickly, and integrating cyber security into core business strategy" (CyberScoop).