On June 22, 2026, the intelligence community of the Five Eyes—Australia, Canada, New Zealand, the United Kingdom, and the United States—issued a joint statement that frontier artificial‑intelligence models could soon turn the balance of cyber warfare in a matter of months.

The alliance said the pace of AI development is outstripping expectations and that the new models will reshape both offensive and defensive cyber capabilities. It stressed that the window for change is measured in months, not years, and that cyber risk has moved beyond a purely technical issue to become a core business risk and a leadership responsibility.

According to the statement, AI lowers the barrier for malicious actors, accelerates attack execution, and narrows the gap between vulnerability discovery and exploitation. It warned that the speed and complexity of future attacks could dwarf current defensive measures.

In response, the Five Eyes urged organizations to tighten digital defenses, expedite software updates, restrict access to sensitive systems, and adopt proactive threat‑prevention practices. The agencies did not name a particular model or company, but industry observers have focused on the United States‑based developer Anthropic.

Earlier in 2026, Anthropic announced that its flagship model Mythos was too powerful for public release and granted access only to a small cohort of trusted partners. The company later offered a more restricted version, Fable 5, but both models were taken offline after a U.S. government order barred foreign citizens from using them on national‑security grounds.

These events unfold amid broader warnings from researchers, technology leaders, and security officials that AI capabilities are advancing faster than governments and institutions can keep pace. Experts note that systems designed to boost productivity and strengthen cyber defenses could also be repurposed to automate attacks, lower entry thresholds for bad actors, and amplify the impact of small groups.

Anthropic’s experience illustrates the tension between innovation and security. The firm’s use of “constitutional AI” to improve ethical compliance has drawn scrutiny, and its refusal to waive contractual prohibitions on mass domestic surveillance and fully autonomous weapons led the U.S. Department of Defense to label it a supply‑chain risk. A federal judge issued a temporary injunction against that designation in March 2026.

The Five Eyes statement signals a growing consensus that frontier AI models—those that push the limits of reasoning, knowledge, and autonomy—constitute a new class of cyber threat. The call for tighter controls and proactive defense measures marks a shift from reactive to anticipatory security postures.

At present, the most advanced models remain restricted and subject to export controls. The U.S. ban on foreign use of Mythos and Fable 5 remains in effect, and no new public releases have been announced. The situation is fluid, with ongoing discussions about how to balance AI innovation, national security, and global governance.

Key unresolved questions include how to enforce export controls on rapidly evolving AI technology, how to develop defensive AI that can keep pace with offensive capabilities, and how to coordinate international policy to prevent misuse while supporting legitimate research and commercial use.

In the coming months, organizations will need to reassess their cyber‑security strategies in light of these warnings, and governments will likely refine export‑control regimes and collaborative intelligence‑sharing mechanisms to address the emerging risks posed by frontier AI models.