OpenAI Unveils GPT‑5.5‑Cyber, Codex Security Plugin, Patch the Planet

On June 22 2026, OpenAI announced the full release of its GPT‑5.5‑Cyber model, a cybersecurity‑focused variant that achieved 85.6 % on CyberGym, 39.5 % on ExploitGym, and 69.8 % on SEC‑bench Pro. The launch was accompanied by a new Codex Security plugin that offers out‑of‑the‑box defensive workflows, allowing developers to scan entire codebases or specific commits, generate severity‑rated reports, build threat models, and auto‑generate patches. In partnership with Trail of Bits and HackerOne, the “Patch the Planet” initiative has already enlisted more than 30 open‑source projects—including cURL, Go, Python, and pyca/cryptography—to move from findings to fixes at scale. The plugin has processed over 30 million commits, manually validated 70 000 findings, and automatically confirmed 500 000 fixes, dramatically reducing maintainer triage and providing human‑reviewed patches and reusable CI/CD pipelines.

OpenAI’s Daybreak program, which now includes a Cyber Partner Program, positions GPT‑5.5‑Cyber as a core component of modern security operations. The announcement also highlighted other developments from the same period: the release of GLM‑5.2, an open‑weight model that ranks third overall on GDPval‑AA with 1 524 Elo, 3 M context, and a cost of $0.41 per 1 k tokens; the launch of Fugu, an orchestration API that learns model selection, delegation, verification, and synthesis across multiple frontier models; and the general availability of Google’s Interactions API, which becomes the default for Gemini agents and offers background async execution, expanded tool support, multimodal generation, and an isolated Antigravity sandbox. These updates were compiled from Twitter and AINews between 20‑22 June 2026.

Reactions to the rollout have been mixed. While many in the tech community praise the scale and automation of Patch the Planet, critics have raised concerns over Fugu’s opaque baselines, missing cost accounting, and questionable reporting, calling for transparent evaluation of orchestration systems. Nonetheless, the initiative’s partnership with U.S. government agencies and alignment with executive orders and industry standards signal a strong push toward AI‑driven patch automation as a foundational security practice.

The broader context includes OpenAI’s ongoing infrastructure upgrades, such as the Jalapeño chip, and the industry’s growing focus on integrating AI into security workflows. Although a separate article about SpaceX’s $28 B/yr neocloud was referenced, its content remains incomplete, leaving the focus of this summary on OpenAI’s cybersecurity advancements.