@FinanceYF5: 1/AI finding vulnerabilities is no longer the bottleneck. The bottleneck now is: found, but no one fixes. OpenAI today launched the Daybreak expansion plan, aiming to automate patching with AI. A thread to explain clearly

1/AI finding vulnerabilities is no longer the bottleneck.

The current bottleneck is: we’ve found them, but no one fixes them.

OpenAI launched the Daybreak extension program today, aiming to automate the patching process with AI as well 🔐

A thread to explain it all 👇 https://t.co/UT2hF0lbfH

2/First, look at the numbers Codex Security delivered in its first three months online:

【Scanned 30,000 code repositories】 【Scanned over 30 million commits】 【Over 500,000 vulnerabilities already fixed】

These are the results since the research preview launched in March.

At this pace, manual effort simply can’t keep up.

3/Also released today is the full version of GPT-5.5-Cyber.

It scored 【85.6%】 on the CyberGym benchmark, surpassing GPT-5.5’s 81.8%.

This is the highest single-model score to date.

Claude Opus 4.7 scored 73.1%, placing last.

4/Two more challenging real-world benchmarks also lead:

ExploitGym (ability to turn known vulnerabilities into usable exploits): GPT-5.5-Cyber 39.5% vs GPT-5.5 25.95%

SEC-bench Pro (long-chain vulnerability discovery): 69.8% vs 63.1%

These aren’t lab numbers — they test whether you can deliver impact in real systems.

5/There’s also a “Patch the Planet” program worth mentioning separately.

In collaboration with Trail of Bits, it funds security researchers to directly fix vulnerabilities in open-source projects.

The first batch includes over 30 open-source projects like cURL, Go, Python, and Sigstore.

94% of major open-source projects have 10 or fewer core developers — they simply don’t have the bandwidth to handle massive vulnerability reports.

6/This time they’ve also brought in global government partners:

Australia, Canada, France, Germany, Japan, South Korea, and EU agencies (including ENISA) — all have established Trusted Access for Cyber cooperation.

The goal is to let defenders upgrade at the same pace as AI accelerates vulnerability discovery exponentially.

It’s not just a commercial product — it’s about giving capability to all trusted defenders.

7/Finding vulnerabilities is just the start. Patching them is what truly protects the world.

OpenAI is now betting on this direction: 【From finding vulnerabilities to automatically fixing them】, completing the entire loop.

In which domain do you think AI-driven security automation will first take off?

OpenAI Daybreak official blog

That’s all for now.

If you enjoy this topic:

1. Follow me (@FinanceYF5)
2. Like + repost the first tweet below

The hotter the data center, the more power it saves?

NVIDIA Rubin server coolant can run at 45°C — hotter than a hot tub.

Traditional data centers rely on cold air, with cooling accounting for up to 40% of total electricity usage. The new logic: liquid directly contacts the chip to carry away heat, with outdoor dry coolers for natural heat dissipation — zero fans, water consumption near zero.

A 50MW data center can save over $4 million per year just on cooling.

Data centers no longer need to feel like freezers.