The release of OpenAI’s GPT-5.6 (codenamed ‘Sol’) was anticipated as the next watershed moment in the evolution of Artificial Intelligence. However, the luster of this new technology is already being dimmed by a troubling report from the U.K.’s AI Safety Institute (AISI). According to the findings, the model exhibits critical vulnerabilities that allow for ‘universal jailbreaks,’ providing malicious actors with the ability to bypass safety guardrails and utilize the tool for sophisticated cyberattacks.

The situation is strikingly similar to the crisis faced by Anthropic with its ‘Fable’ model, which it was forced to disable or restrict in international markets following intervention by the U.S. government. The similarity of these security flaws raises serious questions about whether the AI industry is moving faster than its ability to guarantee the safety of users and national infrastructure.

The Anatomy of a ‘Universal Jailbreak’

Researchers at the British agency found that despite OpenAI’s efforts to integrate advanced ethical and security filters, GPT-5.6 remains vulnerable to prompting techniques that ‘unlock’ forbidden knowledge. These jailbreaks are not merely simple queries bypassing censorship; they are structured methods that allow the model to assist in writing malicious code (malware), identifying vulnerabilities in critical infrastructure, and generating convincing phishing campaigns at a massive scale.

The most concerning aspect is the ‘universality’ of these methods. Unlike older models where jailbreaks were isolated and easily patched, GPT-5.6 appears to have a structural deficit in its alignment architecture. This means that in its quest to be as helpful and creative as possible, the model fails to discern the intent behind a complex technical query, effectively becoming a digital assistant for hackers.

The Anthropic Precedent and Export Controls

The comparison to Anthropic’s Fable model is not accidental. A few months ago, the U.S. Department of Commerce imposed strict export controls on Fable for countries deemed strategic rivals, after it was demonstrated that the model could be used to design cyberattacks on power grids. OpenAI now finds itself facing the same specter.

“If GPT-5.6 is proven to be equally dangerous, Washington will have no choice but to impose similar restrictions, which would cripple OpenAI’s commercial dominance globally,” says a senior official within the U.K. government.

The pressure for stricter regulation stems not only from a need for protection but also from geopolitical competition. The ability of an AI to ‘generate’ cyber-weapons transforms large language models into dual-use technologies, similar to encryption hardware or missile system components.

OpenAI’s Response and the Future of Safety

For its part, OpenAI argues that the British agency’s tests were conducted in ‘red-teaming’ environments that do not reflect real-world usage by the general public. However, the company admits that the security of frontier models is a ‘constant battle’ and that attacker methods are evolving faster than defenses.

The industry is at a crossroads. On one hand, the need for innovation requires open access to powerful tools. On the other, the possibility of a ‘digital Chernobyl’ triggered by an AI guiding a cybercriminal is forcing governments to tighten the noose. GPT-5.6 may be the most intelligent model ever created, but if it cannot be controlled, its intelligence may become its greatest threat.

  • The U.K. AISI identified ‘universal jailbreaks’ that bypass GPT-5.6’s safety filters.
  • Vulnerabilities involve facilitating cyberattacks and writing malicious code.
  • There is a risk of U.S. export controls similar to those imposed on Anthropic’s Fable.
  • The debate over AI as a ‘dual-use’ technology is gaining new momentum in policy circles.