OpenAI has launched Patch the Planet, a new initiative under its Daybreak cybersecurity program, to help open-source projects fix bugs faster. The company is partnering with cybersecurity firm Trail of Bits, which has committed its entire security research team to the effort.
How Patch the Planet works
While AI models like GPT-5.5-Cyber can generate a flood of security findings, project maintainers often lack the time to sort through them. Patch the Planet reduces this burden by pairing maintainers with security researchers who use OpenAI's Codex and GPT-5.5-Cyber to identify genuine vulnerabilities and review findings before they reach the maintainers. The researchers then collaborate on developing and testing patches, and create workflows for ongoing security improvements.
First results and participants
During the first week, Trail of Bits engineers worked with 19 open-source projects, discovering hundreds of legitimate bugs and 51 issues, 19 of which have already been fixed. Participants included cURL, NATS Server, pyca/cryptography, Sigstore, aiohttp, the Go project, freenginx, Python and python.org. OpenAI plans to add more projects in future rounds.
Background of Daybreak
OpenAI launched Daybreak in May in response to Anthropic's Project Glasswing. The program is built on the idea that cyber defense should be integrated into software from the start, not just focused on finding and fixing vulnerabilities. Its goals include reducing analysis time from hours to minutes and rapidly generating and testing patches within repositories.