Open-weight AI models like GLM-5.2 and DeepSeek V4-Pro now perform at the level of proprietary frontier models from just four months ago, according to the British AI Security Institute. This represents a dramatic acceleration in the capability gap.
At the start of 2025, open models lagged behind closed frontier systems by six to ten months in cyber capabilities. That window has collapsed to four to seven months. The compression matters because it means dangerous offensive AI skills spread faster and cheaper across the threat landscape.
The AISI report identifies a second, more urgent problem: safety measures on open-weight models are largely ineffective. Unlike closed systems where companies control deployment and can implement restrictions, open models ship without meaningful safeguards. Attackers can remove what little protection exists.
This creates asymmetric risk. Defenders face shrinking preparation time while attackers gain access to state-of-the-art cyber tools at minimal cost. Open-weight models typically cost far less to run and fine-tune than proprietary alternatives, lowering barriers for malicious actors.
The findings challenge the assumption that open-sourcing AI models accelerates safety research by enabling broader scrutiny. While transparency has benefits, the AISI data suggests the actual impact favors offense over defense. Security researchers get more time to study risks when there's a meaningful lag between frontier and open capabilities. A four-month window leaves little room for defensive preparation before dangerous tactics become widely available.
The report raises hard questions about open-weight model release practices. Companies face pressure to distribute models for research and competition, but the cybersecurity timeline suggests this strategy optimizes for speed over security. The gap will likely continue narrowing as open-weight development accelerates, compressing the window further.