OpenAI Expands Daybreak With 85.6% GPT-5.5-Cyber and 30-Project Patching Push
Updated
Updated · OpenAI · Jun 22
OpenAI Expands Daybreak With 85.6% GPT-5.5-Cyber and 30-Project Patching Push
3 articles · Updated · OpenAI · Jun 22
Summary
OpenAI widened Daybreak beyond vulnerability discovery, rolling out an updated Codex Security plugin, full limited-release GPT-5.5-Cyber, a partner program, and Patch the Planet for open-source fixes.
85.6% on CyberGym for GPT-5.5-Cyber versus 81.8% for GPT-5.5 underpins the push, as OpenAI says AI has shifted cybersecurity’s bottleneck from finding flaws to patching them.
Codex Security has already scanned more than 30 million commits across 30,000-plus codebases, with reviewers marking 70,000 findings fixed and the system automatically determining over 500,000 fixes.
More than 30 open-source projects—including cURL, Go, Python, Sigstore and pyca/cryptography—have joined Patch the Planet, which funds researchers to validate issues, generate patches and reduce maintainer workload.
Trusted access remains central: GPT-5.5-Cyber is limited to verified defenders, while OpenAI is extending Daybreak through security partners and government-linked cyber partnerships in countries including Australia, Canada, France and Japan.
Is 'Patch the Planet' a real solution or a temporary fix for a problem AI itself worsens?
Can defensive AI win a cyber arms race that it is also helping to fuel?
AI vs. Cyber Threats: Inside the 2026 Arms Race and OpenAI’s Daybreak Response
Overview
The cybersecurity world is now an intense AI-driven arms race, where threats are growing faster and more dangerous than ever before. Advanced AI, especially large language models, can turn a simple patch difference into a working exploit in just 30 minutes, making old protection timelines useless. This rapid acceleration has overwhelmed open-source maintainers, as seen when HackerOne paused its bug bounty program due to the flood of AI-discovered vulnerabilities. As AI tools uncover security issues at record speed, the main challenge has shifted from finding vulnerabilities to fixing them quickly enough to keep up.