OpenAI launches GPT-5.5-Cyber, opening it to verified defenders to fix software flaws

OpenAI announced on June 22, 2026 an expansion of Daybreak, its cybersecurity program, releasing the full version of GPT-5.5-Cyber, an artificial intelligence model built to find and help patch software flaws. The model is available only to "verified defenders", security teams whose authorized work calls for the most advanced capabilities, and it arrives alongside an open-source initiative and a partner program.

The context, according to the company, is a shift in the center of gravity of cybersecurity. For years the hard part was discovering vulnerabilities; with AI models speeding that discovery up, the bottleneck has moved to fixing everything that is found before an attacker can use it.

What GPT-5.5-Cyber does, and what OpenAI measures

The company describes it as its strongest model yet at locating and helping repair vulnerabilities, while keeping the general intelligence of the GPT-5.5 family. In practice, according to OpenAI, it works across large codebases, checks whether vulnerable code is reachable, validates the issue in a controlled environment, develops and tests a patch (a software fix), and prepares the evidence for human review.

The figures come from standardized tests (benchmarks). On CyberGym, which measures whether an agent can reproduce known vulnerabilities, GPT-5.5-Cyber reached 85.6%, against 81.8% for GPT-5.5, the highest score OpenAI says it has measured from a single model. The company also reports 39.5% (against 25.95%) on ExploitGym, which tests whether a known flaw can be turned into a working exploit, code able to run commands on the target machine without authorization; and 69.8% (against 63.1%) on SEC-bench Pro. OpenAI cautions that benchmarks are only part of the story and that it is still evaluating the model on real projects as responsible disclosure of those flaws wraps up.

Restricted access to a more permissive model

The release carries a tension the company acknowledges: GPT-5.5-Cyber is deliberately more permissive than general-purpose models, meaning it refuses fewer sensitive security requests. That is why it is not open to everyone. OpenAI keeps it in a limited release to verified defenders, "paired with stronger verification, monitoring, scoped controls, and review", and says that for most teams the right starting point remains the ordinary model. It also launched the Daybreak Cyber Partner Program, which lets security vendors use the technology in their products without handing over direct access to the model.

To support the scale, the company points to Codex Security, the tool that folds these capabilities into the developer's workflow. Since launching in preview in March, it says it has scanned more than 30 million code changes across more than 30,000 codebases; human reviewers marked more than 70,000 findings as fixed, and more than 500,000 were determined to be fixed automatically.

Open source and the European angle

The third piece is Patch the Planet, an initiative founded with Trail of Bits, in collaboration with HackerOne, to fund researchers working directly with the maintainers of open-source projects. More than 30 projects have joined, including ones that millions of systems depend on, such as cURL, Go, Python, Sigstore, and pyca/cryptography. The problem it targets is described in a study OpenAI cites, from the Linux Foundation and Harvard: in 94% of the widely used projects it examined, fewer than ten developers accounted for more than 90% of the code added in a year. Small teams hold up critical infrastructure, and AI, by generating still more reports, adds to their load.

There is a European angle. The company says it has set up trusted-access partnerships over the past month with Australia, Canada, France, Germany, Japan, South Korea, and European Union institutions such as ENISA, the EU's cybersecurity agency. It also says it is in ongoing dialogue with the United States government about preparing its next models.

For now, the honest reading is a promise yet to be confirmed. The capabilities that help close flaws are the same ones that, in other hands, would open them, and the safeguard chosen is procedural: limit access and watch how it is used. Whether that line holds remains to be seen, and the numbers behind it are, for the most part, the company's own, awaiting independent evaluation.

Sources: OpenAI, The Hacker News.

#StaySafe
🙏🖖
