OpenAI releases GPT-5.5-Cyber, a specialized AI model for finding and patching software flaws, alongside an updated security plugin and partnerships with over 25 security firms and several governments.

THE DECODER3h ago2 min read

Summaries like this, in your inbox every morning.

3 Key Points

What happened
OpenAI launched the full version of GPT-5.5-Cyber, a model designed to find and patch software vulnerabilities, along with an updated Codex Security plugin that automates the full workflow from flaw discovery to patch generation. The company also established the Daybreak Cyber Partner Program with security firms including Cisco, CrowdStrike, Cloudflare, and Palo Alto Networks, as well as partnerships with governments including Australia, Canada, France, Germany, Japan, South Korea, and the UK.
Why it matters
According to OpenAI, the bottleneck in cybersecurity has shifted from identifying flaws to actually patching them. GPT-5.5-Cyber leads on key benchmarks—scoring 85.6% on CyberGym, 39.5% on ExploitGym, and 69.8% on SEC-bench Pro—outperforming Anthropic's Mythos 5 on the measures where both were tested. The updated Codex Security plugin has already scanned over 30 million commits and flagged over 500,000 findings, suggesting practical utility for developers at scale.
What to watch
GPT-5.5-Cyber access is deliberately restricted to verified defenders only and is tied to verification, monitoring, and guardrails. OpenAI recommends most users pair GPT-5.5 with Trusted Access for Cyber and Codex Security instead. An open-source patching initiative called Patch the Planet, launched with Trail of Bits, HackerOne, and Calif, has already signed on more than 30 open-source projects including cURL, Go, and Python.

No comments yet. Be the first to share your thoughts!

Get curated AI news from 200+ sources delivered daily to your inbox. Free to use.

Free · takes 30 seconds · unsubscribe anytime

5 minutes a day. The AI essentials.

200+ sources · Email / LINE / Slack