While Anthropic has spent months showing how well Claude finds security holes through Project Glasswing, OpenAI is catching up. On June 22 the company significantly expanded its cybersecurity program Daybreak — and launched ‘Patch the Planet’, an initiative aimed squarely at open-source maintainers.
What was announced
Three things at once: the full version of the specialized GPT-5.5-Cyber model, a Codex Security plugin (find, validate and fix vulnerabilities right inside Codex), and Patch the Planet itself — built with security firms Trail of Bits and HackerOne. The idea: pair AI-assisted vulnerability research with human expert review across the whole loop, from discovery through validation and disclosure to a tested patch.
The benchmarks make a statement. GPT-5.5-Cyber sets a new state of the art on CyberGym at 85.6 percent (GPT-5.5: 81.8 percent). The concrete results matter more: in the Linux kernel, the model analyzed security-relevant components across more than 30 million lines of code and generated, among other things, 8 kernel pointer info-leak proof-of-concepts and 24 local privilege escalation exploits. Trail of Bits has put full-time engineers on 19 open-source projects — already surfacing hundreds of issues and merging dozens of patches.
The catch is still the catch
Let’s be honest: the exact model that finds and validates holes could also exploit them. OpenAI even publishes this on ExploitGym — GPT-5.5-Cyber turns known vulnerabilities into working exploits more reliably than its predecessor. That’s the dual-use reality of any good cyber model: defense and offense are the same skill, just pointed in different directions.
My take
What’s interesting here isn’t the single model — it’s the pattern. Anthropic and OpenAI are in an open race on AI cybersecurity: Glasswing versus Daybreak. And both have realized the biggest lever isn’t their own code but the open-source infrastructure half the internet runs on — often maintained by a few overstretched volunteers.
If AI genuinely patches real holes at scale there, that’s a tangible win for everyone — including people who’ll never say a word about LLMs. As long as the defenders stay faster than the attackers. That’s the whole bet.
Sources: OpenAI: Patch the Planet, TestingCatalog, SecurityBrief