A study by Cato Networks reveals that OpenAI’s ChatGPT-5.5 can execute a full-scale cyber-attack from a single prompt, achieving domain-level access within 40 minutes. The experiment, conducted in a controlled environment, demonstrated the model's capability to automate complex offensive operations, including reconnaissance and data exfiltration.
Cato highlights the model's adaptability in varying conditions and stresses that while it may not discover new attack techniques, it significantly accelerates existing attack workflows. This research raises concerns about the potential misuse of AI tools in cybercrime as threat actors increasingly leverage such technologies.