Cybersecurity AI time horizons are growing exponentially.

The UK's AI Security Institute found that the length of tasks that AIs could do is doubling roughly every 8 months. That’s actually an upper bound; it could be even faster. They estimated this after testing different AIs on vulnerability discovery/exploitation, malware-development, CTF challenges, and more. Unassisted task lengths went from less than 10 minutes in early 2023 to over an hour by mid 2025.

2025 saw the first expert-level task completions.

AIs have already become incredibly useful for cyberthreat actors, with Anthropic recently revealing that its Claude AI was used to perform a sophisticated campaign of cyberattacks across government and industry, mostly without human input, at scale.

But if this observed trend holds, AIs are going to get a lot better at cyber, rapidly.

Cyber isn't a special case. AISI's frontier AI trends report states "AI capabilities are improving rapidly across all tested domains", which includes capabilities relevant to biology, chemistry, and loss-of-control risks.

Losing control of smarter-than-human AIs could be disastrous and could lead to human extinction.

See our breakdown of AISI's Frontier AI Trends report below.