AI News | Product Launch | June 23, 2026 | 5 min read

OpenAI Launches GPT-5.5-Cyber and Patch the Planet

OpenAI just put a frontier security model and an open-source patching program in the same launch. The unspoken goal is to become too important for any government to switch off.

Key Takeaways

  • OpenAI released GPT-5.5-Cyber, the Codex Security plugin, and the Patch the Planet initiative together on June 23 as an expansion of its Daybreak cybersecurity platform.
  • GPT-5.5-Cyber reaches 85.6% on the CyberGym benchmark, up from 81.8% for standard GPT-5.5, and on the Linux kernel it generated 8 pointer-leak proof-of-concepts and 24 privilege-escalation exploits.
  • More than 30 open-source projects including cURL, Go, Python, and Sigstore have joined Patch the Planet, which surfaced hundreds of issues in an initial five-day sprint.

OpenAI launched three connected cybersecurity products on June 23, 2026, expanding its Daybreak platform with the full version of GPT-5.5-Cyber, a Codex Security plugin, and an open-source initiative called Patch the Planet. The bundle is reported in detail by AIToolsRecap.

The launch reads as OpenAI's direct answer to Anthropic's Project Glasswing. Both labs have now concluded that defensive cybersecurity is where frontier AI is most immediately useful and most politically defensible.

What GPT-5.5-Cyber Can Actually Do

GPT-5.5-Cyber sets a new state of the art on the CyberGym benchmark, reaching 85.6% against 81.8% for standard GPT-5.5, according to AIToolsRecap. The model is tuned to be more permissive and more capable for authorized defensive work.

That work includes tracing whether vulnerable code is reachable, validating issues in controlled environments, and preparing patches for human review. Access stays gated behind OpenAI's Trusted Access for Cyber program, which relaxes automated refusals for approved defenders while continuing to block credential theft, persistence, and malware deployment.

The production demonstration is the part that will get attention. AIToolsRecap reports that Trail of Bits engineers used repeated Codex runs with the model to build a full fuzzing lab covering dozens of entry points in under a day, work the firm estimates would normally take several weeks.

On the Linux kernel specifically, the model scanned more than 30 million lines of code and validated its findings dynamically. It generated 8 kernel pointer information-leak proof-of-concepts and 24 local privilege-escalation exploits in the process.

Patch the Planet Targets Open-Source Infrastructure

Patch the Planet is built with Trail of Bits and HackerOne, and more than 30 open-source projects have committed to take part. Initial participants include cURL, Go, Python, Sigstore, and pyca/cryptography.

An opening five-day sprint across several of those projects surfaced hundreds of issues, merged dozens of patches, and produced reusable testing workflows. The strategic logic is identical to what Anthropic built with Glasswing, namely fix real flaws in critical infrastructure, build trust with government, and earn the standing that protected Glasswing when Fable 5 was suspended.

The Codex Security plugin is the quieter but more strategic piece. It embeds vulnerability scanning into the same editor where code is written, which is exactly the layer where enterprise AI security increasingly has to live to be used at all.

How This Fits OpenAI's Wider Platform Play

If developers write code with Codex and scan it with Codex, OpenAI owns both sides of the workflow. That is the same ownership pattern visible in the rollout of OpenAI's GPT-5.1 Codex models across coding surfaces over the past year.

The company already has the distribution to make this stick. In its own funding announcement, OpenAI said Codex serves more than 2 million weekly users, growing more than 70% month over month. A security layer dropped into that footprint reaches a large installed base on day one.

Why OpenAI Is Late and Racing to Catch Up

OpenAI is behind in enterprise cybersecurity, and the timing of this launch reflects it. Build Fast with AI notes that Anthropic established Glasswing in April 2026 with more than 150 partner organizations, including AWS, Apple, Google, and Microsoft, giving it a multi-month head start that Daybreak is designed to close.

The competitive backdrop sharpened when the US government briefly export-controlled Anthropic's Fable 5 and Mythos 5 in mid-June. That action validated the security sensitivity of frontier models and pushed every major lab to stake out a defensible position, a dynamic tracked across AI Weekly's OpenAI coverage.

Glasswing survived that shutdown. Daybreak is OpenAI positioning itself for the same protected status if regulators ever move against its models.

What to Watch Next

The near-term signal is adoption inside developer tooling. The Codex Security plugin will only matter if teams accept scanning as a default step rather than a separate tool, the same shift that turned configurable coding agents from novelty into routine.

The longer-term signal is government posture. If Patch the Planet keeps fixing real vulnerabilities in cURL, Python, and the Linux kernel, OpenAI gains the same political insulation that kept Glasswing online. The race now is less about benchmark points and more about which lab becomes infrastructure no regulator wants to switch off.

What Changed

OpenAI moved defensive cybersecurity from a research demo to a shipped product line. It now offers a specialized model, an IDE-embedded scanner, and a public infrastructure-patching program in one coordinated launch.

Why It Matters

The launch is a near-exact mirror of Anthropic's Project Glasswing, signaling that both labs see defensive security as the capability most likely to earn protected status from regulators. For software teams, vulnerability scanning is moving inside the same tools where code is written.

Suggested Actions

Engineering leaders should evaluate whether IDE-embedded scanning like the Codex Security plugin fits existing review pipelines, and security teams maintaining critical open-source dependencies should check whether their projects appear in the Patch the Planet cohort before assuming coverage.
