OpenAI has announced Patch the Planet, a new initiative under its Daybreak cybersecurity program, designed to support the open source community. The company is partnering with Trail of Bits, a renowned cybersecurity firm, which has committed its entire security research organization to the project.
How Patch the Planet reduces maintainer burden
According to Trail of Bits, models like GPT-5.5-Cyber can produce a firehose of security findings for users, but project maintainers, already stretched thin, must sift through them to identify real vulnerabilities from false positives. Patch the Planet eases this burden by connecting maintainers with security researchers, who use OpenAI's top models and Codex Security to identify vulnerabilities and review findings before they reach the maintainers. Researchers then work with maintainers to develop and test patches, as well as create workflows that maintainers can follow to continuously improve their projects' security.
Sponsored Protocol
First week results: 51 issues found, 19 fixed
During the initiative's first week, Trail of Bits security engineers worked with 19 open source projects using OpenAI's Codex and GPT-5.5-Cyber models. The firm reported discovering hundreds of legitimate bugs and 51 issues, of which 19 have already been fixed. Participants in the first round include cURL, NATS Server, pyca/cryptography, Sigstore, aiohttp, the Go project, freenginx, Python, and python.org. OpenAI stated that more projects will join in future rounds.
The Daybreak context and response to Anthropic
OpenAI launched Daybreak in May in response to Anthropic's Project Glasswing. The company explained that Daybreak is built on the premise that cyber defense should be built into software from the start, not just revolve around finding and fixing vulnerabilities. Its goals are to reduce hours of analysis to minutes and to quickly generate and test patches within repositories. While other AI coding tools, such as Claude, have recently faced reliability issues (as reported in our article Claude Code down), OpenAI is demonstrating a proactive security approach.
Sponsored Protocol
For more on open source security, see the Wikipedia page on open-source software security.
Source: https://www.engadget.com/2199569/openai-new-daybreak-initiative-open-source-projects-bugs
