CyberIntel ⬡ News
★ Saved ◆ Cyber Reads
← Back ◇ Industry News & Leadership Jun 23, 2026

OpenAI Expands Daybreak to Help Defenders Patch Flaws

Infosecurity Magazine Archived Jun 23, 2026 ✓ Full text saved

OpenAI expanded Daybreak with a full GPT-5.5-Cyber release to help defenders patch software flaws

Full text archived locally
✦ AI Summary · Claude Sonnet


    OpenAI has expanded its cyber-defense program Daybreak, arguing that artificial intelligence (AI) has flipped the hardest part of security from finding software flaws to fixing them. In an announcement on June 22, the company said the expansion centered on patch automation. It released the full version of a cyber-focused model, GPT-5.5-Cyber, alongside updates to its Codex Security tool and a new open-source patching initiative. A More Capable, More Permissive Model GPT-5.5-Cyber has now moved from preview to full release. However, access remains restricted and OpenAI said it was only offering access to the model to verified defenders through a limited release, paired with extra monitoring and controls. The firm described it as both more capable and more permissive than its general models for authorized security work. On CyberGym, a test of whether an AI agent can reproduce known vulnerabilities, OpenAI said the model scored a record 85.6%, against 81.8% for the standard GPT-5.5. It also reported gains in exploit writing and proof-of-concept (PoC) generation tests. Those same offensive-leaning skills are why access remains tightly gated, the company said.  Credit: OpenAI. Read more on AI and the patching burden: Patch Responsibility Remains Up for Grabs as AI Unearth Flaws At Scale From Findings to Fixes The patching push ran mainly through Codex Security, a tool that plugs into OpenAI's Codex coding assistant to scan code, validate flaws and generate fixes for human review. OpenAI said that since a March preview, it had scanned more than 30 million commits across 30,000 codebases, with over 500,000 findings logged as fixed. A newly launched initiative, Patch the Planet, founded with Trail of Bits and others, aims the same tools at open-source software. It funds researchers to help maintainers fix bugs, with more than 30 projects signed up, including cURL, Go and Python. OpenAI also opened a partner program letting security vendors such as CrowdStrike, Sophos and Fortinet, among others, build its models into their own products. OpenAI framed the effort as keeping humans in control and getting defensive tools to more organizations before attackers gain the same edge. It said it had agreed cyber partnerships with several governments and would work with critical infrastructure operators. The AI firm's benchmark figures came from its own testing, which it said was continuing on real-world fixes. Rival AI lab Anthropic launched a comparable AI bug-fixing program, Project Glasswing, in April.  Feature image credit: Samuel Boivin / Shutterstock.com
    💬 Team Notes
    Article Info
    Source
    Infosecurity Magazine
    Category
    ◇ Industry News & Leadership
    Published
    Jun 23, 2026
    Archived
    Jun 23, 2026
    Full Text
    ✓ Saved locally
    Open Original ↗