OpenAI's Daybreak puts GPT-5.5-Cyber to work finding real vulnerabilities
OpenAI has announced Daybreak, a package of tools aimed at defensive security work: finding, validating, and fixing software vulnerabilities. The two pieces it leads with are GPT-5.5-Cyber, a cyber-tuned version of its model, and Codex Security, which OpenAI says builds a threat model specific to a codebase, explores realistic attack paths, validates issues in isolated environments, and proposes patches for a human to review.
The numbers OpenAI gives are the reason to pay attention. It says GPT-5.5-Cyber went through more than 30 million lines of the Linux kernel, flagged security-relevant components, and then validated them by generating working proof-of-concepts: 8 kernel pointer information leaks and 24 local privilege escalation exploits. The company also lists validated findings in Firefox, the V8 JavaScript engine, Safari, OpenBSD, FreeBSD, and HTTP/2 implementations. A companion initiative, Patch the Planet, points the same tools at open source maintainers to help them triage and fix reports.
OpenAI frames this as defender-side, gated behind a Trusted Access for Cyber program with verification, monitoring, and human sign-off. That framing matters, because the same capability that writes a privilege-escalation proof-of-concept for a defender writes one for an attacker. The announcement is the place to check the claims, since the model that finds 24 exploits in a codebase is also the model someone else can point at yours.
Why it matters
If you maintain widely used software, assume both defenders and attackers now have a model that can find and prove exploitable bugs at this scale. Worth doing: run your own scans first, and watch how well the Trusted Access gating holds.