OpenAI Says AI Broke Cybersecurity — Now It Wants AI To Fix It
OpenAI Says AI Broke Cybersecurity — Now It Wants AI To Fix It
Publish Date: 2026-06-22 16:08:00
Source Domain: www.benzinga.com
Using an unordered list, summarize the following article with between 4 and 8 key points. OpenAI has expanded its Daybreak security effort with new tools and partnerships to speed up software patching.The effort includes a Codex Security plugin release and the full launch of GPT‑5.5‑Cyber for vetted defenders. OpenAI designed Daybreak to help organizations move more quickly to help “democratize patching vulnerable software at machine speed.””For example, we’ve applied our models to discover and generate patches for critical vulnerabilities in major browsers, network infrastructure and operating systems such as Free BSD and the Linus Kernel,” the company said.”AI has changed the physics of cybersecurity. Frontier AI models have been increasingly accelerating vulnerability discovery. The bottleneck historically has been finding vulnerabilities, but now defenders are overwhelmed with the number of vulnerabilities found. Instead, the bottleneck is now patching vulnerabilities.”The Daybreak Cyber Partner Program lets security vendors incorporate GPT‑5.5 with Trusted Access for Cyber into their products and services while keeping direct model access with participating partners. OpenAI Wants To ‘Patch The Planet’OpenAI also revealed an initiative called “Patch the Planet,” a collaboration with HackerOne, Calif, as well as researchers and maintainers that will “help widely use open-source projects move from findings to fixes.” More than 30 open-source projects have signed on to participate in Patch the Planet, with early names including cURL, Go, Python, Sigstore, and pyca/cryptography.”With Patch the Planet, we are working with researchers, maintainers, enterprises, and partners to make powerful cyber capability available to defenders with appropriate access, governance, and human oversight,” the company wrote.The updated Codex Security plugin is designed to help developers run scans, assess severity, collect validation evidence, map potential attack paths, and generate patches tailored to a specific codebase for human review. OpenAI said the plugin can also ingest findings from other sources such as scanners, advisories, bug bounties, or ticketing systems, and then automate patch creation at scale and export results into existing vulnerability-management workflows.OpenAI is rolling out the full version of GPT-5.5-Cyber to trusted defenders after an earlier preview focused on improving performance in authorized cybersecurity work. The company said the model outperformed GPT-5.5 on benchmarks including CyberGym, ExploitGym and SEC-bench Pro.OpenAI is also expanding its cybersecurity partnerships with governments and critical infrastructure operators, including agencies in the U.S., Australia, Canada, France, Germany, Japan, South Korea and EU institutions such as ENISA. The company said the effort aims to strengthen safeguards, help defenders respond faster and make it harder for attackers to exploit real-world systems.Image: Shutterstock
