OpenAI unveiled an upgraded GPT-5.5-Cyber alongside a bold initiative called Patch the Planet. The goal: fix open-source software bugs before AI-powered attackers find them first. This effort kicked off June 22, 2026, already working with over 30 open-source projects.
Patch the Planet offers free security consulting to open-source maintainers. In just one week, OpenAI and research partner Trail of Bits uncovered hundreds of bugs and delivered dozens of patches. Dan Guido, a key voice in the project, called it “an internet-scale effort to help open-source software get ahead of AI bug-hunting tools.”
OpenAI’s GPT-5.5-Cyber isn’t just a patch machine. It scored 85.6 percent on CyberGym, a benchmark testing AI’s cybersecurity skills. This is a marked improvement from previous versions. The model can connect minor vulnerabilities into realistic attack chains, exposing risks defenders might miss.
Anthropic’s Project Glasswing expanded its reach to more than 150 organizations across 15 countries. This global network has identified over 10,000 high- or critical-severity vulnerabilities. The scale dwarfs Patch the Planet but shares the same goal: preempt AI cybersecurity threats at the source.
Meanwhile, BT Group announced plans to integrate AI tech to harden its network defenses. Telecom’s turn to AI-backed security shows the rising industry demand for automated protection tools amid escalating cyber threats.
U.S. Government Steps Into AI Cybersecurity
On June 2, 2026, the White House issued an executive order titled “Promoting Advanced Artificial Intelligence Innovation and Security.” The order sets a voluntary federal framework for prerelease access to advanced AI models. Developers of “covered frontier models” must give the government up to 30 days for prerelease review.
While participation is voluntary, the risks of ignoring the framework—national security scrutiny and reputational damage—make it nearly mandatory in practice. The Director of the NSA will decide which models qualify as “covered frontier models,” a label carrying heavy oversight.
The order also mandates classified benchmarking processes to assess AI’s advanced cyber capabilities. Agencies like NIST, CISA, and the NSA must build and maintain these benchmarks within 30 days. Evaluating criteria for high-risk AI functions will follow within 60 days.
Enforcement gets teeth too. The Attorney General will prioritize cracking down on illegal AI use for unauthorized access or damage. Critical infrastructure operators must watch for developments around a Treasury-led cybersecurity clearinghouse.
Justin Beals, CEO of Strike Graph, emphasized the need for clear standards and evaluation. Analyst Guy Currier highlighted AI’s growing role in automated warfare and complex cyberattacks. The U.S. government’s push signals a new era where AI innovation and security face equal pressure.
OpenAI and Anthropic’s cybersecurity efforts align with this evolving landscape. Both projects attack vulnerabilities at scale. The government sets rules to keep AI from becoming a national security threat. The race to patch and police AI is on—and it’s only just beginning.
Based on
- OpenAI Launches Full-Scale Effort to Patch Open-Source Bugs as It Takes on Anthropic’s Mythos — wired.com
- OpenAI’s Daybreak: A Revolutionary AI Security Initiative (2026) — getitagainmacho.com
- AI Shifts Cybersecurity’s Hardest Problem from Finding Flaws to Fixing Them — Pure AI — pureai.com
- Anthropic Expands Project Glasswing: Claude Mythos Access for 150 New Partners – Is It Enough? (2026) — esgamselect.com
- New Executive Order Sets Voluntary Framework For AI Oversight And Cybersecurity – New Technology – United States — mondaq.com
