VC
Value Add VC
โšกHomePulseโšกHelpful Apps๐Ÿ“Blog
โ† Value Add PulseAI

UK Agency Finds "Universal Jailbreaks" in OpenAI's GPT-5.6

The UK AI Security Institute found universal jailbreaks in GPT-5.6 Sol unlocking autonomous cyber-exploit capabilities, a pattern similar to the flaw that triggered US export controls on Anthropic's Fable 5.

UK AI Security Institute
Finding agency
"Universal" (cyber domain)
Jailbreak type
Anthropic Fable 5 (June 9)
Comparable precedent
Imposed June 12, 2026
Fable 5 export controls
TC
Trace Cohen
Early-stage VC & angel ยท Founder, New York Venture Partners
July 10, 2026
2 min read
ShareXLinkedInEmail
THE RUNDOWN
1

The UK AI Security Institute (AISI) identified "universal jailbreaks" in the cyber domain that allowed long-form agentic task completion in areas like vulnerability discovery and exploit development on OpenAI's GPT-5.6 Sol, despite OpenAI marketing the model as its most secure release to date

2

AISI characterized the jailbreaks as unlocking the ability to conduct autonomous exploits, not just identify software vulnerabilities -- a more severe capability gap than the one Amazon researchers found in Anthropic's Fable 5 days after its June 9 release

3

That earlier Fable 5 jailbreak prompted the US government to impose export controls on Fable 5 and Mythos 5 on June 12, meaning GPT-5.6 now faces a live question of whether it invites a similar regulatory response just as OpenAI is emphasizing the model's cybersecurity credentials

4

The finding lands directly against OpenAI's own marketing claim that GPT-5.6 achieves frontier cybersecurity performance with significantly fewer tokens, complicating the narrative around the same model family OpenAI is simultaneously positioning as the backbone of ChatGPT Work's enterprise rollout

TC
The VC Read ยท Trace's TakeTrace Cohen

Marketing a model as your 'most secure cybersecurity model to date' and then having a national security agency find universal jailbreaks that unlock autonomous exploits within weeks is the exact pattern that triggered export controls on a rival model last month -- OpenAI doesn't get to treat that precedent as someone else's problem anymore. Enterprises rolling out ChatGPT Work on top of this same model family should be asking for AISI's full findings before, not after, deployment.

The UK AI Security Institute (AISI) disclosed that it identified "universal jailbreaks" in the cyber domain within OpenAI's newly launched GPT-5.6 Sol model, including jailbreaks that allowed long-form agentic task completion in areas like vulnerability discovery and exploit development. The finding directly contradicts OpenAI's own marketing of GPT-5.6 as its strongest cybersecurity model to date.

AISI's characterization of the jailbreaks as "universal" is the more serious detail -- it means the vulnerability isn't a narrow, easily-patched prompt-engineering trick, but a systemic gap in the model's safety guardrails that consistently unlocks restricted capability across a range of inputs. AISI further noted the jailbreaks appear to be potentially more severe than a comparable vulnerability found in Anthropic's Fable 5, because they unlock the ability to conduct autonomous exploits directly, rather than just identifying software vulnerabilities that would still require human action to weaponize.

The precedent here matters enormously. Researchers at Amazon discovered a jailbreak in the guardrails of Anthropic's Fable 5 model just days after its June 9 release, one that similarly unlocked cyber capabilities -- including the ability to find software vulnerabilities -- that were supposed to be gated off from average users. That discovery prompted the US government to impose export controls on both Fable 5 and its smaller sibling Mythos 5 on June 12, restricting international access to the models over national-security concerns.

GPT-5.6's jailbreak vulnerability, surfacing barely a month after the Fable 5 precedent and from an even more rigorous evaluator in AISI, puts OpenAI in a genuinely uncomfortable position: the same government apparatus that restricted a rival's model over comparable findings now has a documented basis to consider similar action against GPT-5.6, right as OpenAI is rolling the model out as the backbone of ChatGPT Work's enterprise push and marketing it explicitly on its cybersecurity strength.

The episode reinforces a pattern playing out across every frontier lab simultaneously: as models get more capable at general reasoning and coding, that same capability increasingly transfers directly into offensive cyber capability, and safety evaluations by independent bodies like AISI are becoming the critical bottleneck determining whether a model ships broadly, ships restricted, or faces export controls after the fact.

For enterprise buyers evaluating GPT-5.6 for security-sensitive workloads, including exactly the kind of connected, cloud-running agent tasks ChatGPT Work is built around, the AISI finding is a reason to demand independent safety-evaluation transparency before deployment, not just take a lab's own marketing claims at face value. For founders building on top of frontier models, the Fable 5 and GPT-5.6 pattern suggests export-control risk is now a live, recurring feature of the frontier-model landscape rather than a one-off regulatory response.

The bear case: universal jailbreaks discovered by a national security agency don't necessarily translate into export controls -- the Fable 5 case may reflect a specific, escalated US government posture rather than an automatic regulatory response every time a similar vulnerability surfaces. What to watch next: whether the US government opens a formal review of GPT-5.6 comparable to the Fable 5 process, and whether OpenAI patches the specific universal jailbreak AISI identified before or after any government response.

ShareXLinkedInEmail
More onAnthropic โ†’OpenAI โ†’

Originally reported by Fortune. Analysis and editorial commentary by Value Add Pulse.

โ† Back to Pulse

THE WIRE in your inbox

Tech, startup & VC news with Trace's take. Free, no spam.

Read Next

AI

The AI Race Shifts From Bigger Models to Cheaper, Smarter Systems

Companies are increasingly choosing AI models by task, cost and control rather than leaderboard rank, CNBC reports, as teams route work to the cheapest model that's good enough.

AI

OpenAI Launches ChatGPT Work, Retires Atlas Browser

OpenAI rolled out ChatGPT Work, a cloud agent with write access to email, Slack, calendars and code repositories, while sunsetting its year-old Atlas browser on August 9 and folding its features into the new desktop app.

AI

86% of Enterprises Say Their GPUs Run at Half Capacity or Less

A VentureBeat survey of 573 technical leaders finds 86% of enterprises running their own GPUs report utilization of 50% or less, direct evidence for Wall Street's debate over whether the AI buildout is overbuilt.

@Trace_Cohenยทt@nyvp.com