OpenAI announced today a large-scale initiative called Patch the Planet, designed to help open-source software maintainers find and fix security vulnerabilities. Partnering with cybersecurity firm Trail of Bits and vulnerability management platforms HackerOne and Cali, the project offers free security consulting services to strengthen code bases and integrate AI tools into development workflows. The goal is to provide personalized support to as many projects as possible, improving immediate security and long-term resilience.
An alliance against vulnerabilities in free software
The project has already kicked off with a five-day sprint where 25 engineers from Trail of Bits collaborated with numerous maintainers. According to Dan Guido, CEO and co-founder of Trail of Bits, Patch the Planet is not a one-size-fits-all approach: we talk to every maintainer to understand their priorities, whether it's building better testing infrastructure, creating custom fuzzers, or cleaning up technical data. The initiative has already uncovered hundreds of bugs and produced dozens of patches in its first week.
Sponsored Protocol
GPT-5.5-Cyber surpasses Mythos 5 in benchmarks
Concurrently, OpenAI revealed a new version of GPT-5.5-Cyber, a model specialized for cybersecurity. It scored 85.6% on the CyberGym benchmark, beating Anthropic's Mythos 5 which scored 83.8%. This performance comes amid intensifying competition between OpenAI and Anthropic, both preparing for IPOs. The Trump administration earlier forced Anthropic to pull its Fable 5 and Mythos 5 models over cybersecurity concerns, as reported in a previous article. Read the story on Anthropic.
Sponsored Protocol
Patch the Planet and the impact on open-source maintainers
Open-source maintainers, often volunteers with limited resources, are overwhelmed by the growing number of bug reports, many AI-generated. OpenAI and Trail of Bits are subsidizing the use of the Codex Security scanner, with 20 trillion tokens already allocated. The initiative offers participants six months of free ChatGPT Pro and Codex Security, plus infrastructure improvements. Guido notes that only half the time was spent finding bugs; the other half was dedicated to customizing AI agents to work on code bases, leaving maintainers with tools and knowledge to use them going forward.
Sponsored Protocol
A warning from Five Eyes intelligence
The Five Eyes intelligence alliance issued an unusual joint statement today, warning that frontier AI models will transform offensive and defensive cyber capabilities. The timeline is not years, it is months, they stated, urging improved cyber resilience. The race for AI cybersecurity is now a global priority, and OpenAI's Patch the Planet initiative fits into this scenario, aiming to protect the open-source ecosystem from emerging threats.
For further details, see the original article on Wired: OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs.
