Five Eyes puts frontier AI hacking models months away
The remedies are patch faster, fix legacy systems, and plan incidents, which is comforting only if those were new ideas.
TL;DR
CyberScoop reports that Five Eyes intelligence agencies, with NSA and CISA leaders signing on, expect frontier models with advanced hacking capability to become broadly public within the year. The practical audience is state CISOs, federal executives, government contractors and CMMC Certified Third-Party Assessment Organizations (C3PAOs) watching fragile patch loops. The warning compresses strategy into hygiene: legacy exposure, identity controls and incident planning now become calendar-year risk, because the agencies' cure is mostly the same work everyone deferred.
CyberScoop reports that intelligence agencies for the United States, Canada, United Kingdom, Australia and New Zealand have made the AI cyber timeline official: advanced models capable of meaningful exploitation are expected to become broadly available to the public within months. Signatories included NSA Cybersecurity Directorate Director David Imbordino and acting CISA Director Nick Andersen. The agencies did not cite classified sources or methods in the statement, according to the report, but the public record has been moving the same way for months.
The first formal Five Eyes version of the warning matters because it cuts through the controlled-release story the AI industry prefers. The agencies say advanced hacking capability from frontier models will spread despite efforts by AI companies to restrict access. Older commercial models, open-source variants, foreign sources and black-market access already give attackers pieces of the toolchain. The restricted frontier model is less a vault than a preview window.
The unnerving part is how familiar the advice is. Five Eyes flags legacy systems, slow patching, unnecessary internet exposure, weak identity and access controls, and missing pre-incident plans. That is the same list security teams have carried into budget meetings for years. AI changes the tempo. It can search, chain and adapt faster than the asset owner can schedule a maintenance window, which turns an ordinary backlog into an attack surface with a deadline.
Current U.S. policy is softer than the Five Eyes timeline implies. CyberScoop reported earlier this month that the Trump administration's revised AI executive order kept pre-release model access voluntary, reduced government access from 90 days in earlier drafts to up to 30 days, and disclaimed any licensing regime: https://cyberscoop.com/donald-trump-white-house-ai-executive-order-scaled-back/. CISA has moved faster on federal patch triage, with BOD 26-04 giving agencies three days to fix vulnerabilities meeting all four high-risk criteria and 180 days to meet the new remediation timelines: https://cyberscoop.com/cisa-vulnerability-remediation-directive-bod-26-04/. Those are real moves. They still leave the central question open: whether model access limits and federal defensive AI adoption get binding clocks before the public models arrive.
For state CISOs, contractor executives and C3PAOs, the operational read is plain. Treat AI-accelerated exploitation as a 2026 control failure scenario. Inventory internet exposure, shorten remediation cycles around exploited and automatable flaws, move legacy remediation from wish lists into funded plans, and test incident response before the first AI-generated chain hits production. If the Five Eyes timeline is right, deliberation is now the expensive option.
Published ·Deep Fathom