
GPT-5.5-Cyber
OpenAI's GPT-5.5-Cyber is a cybersecurity-specialized fine-tune of GPT-5.5, restricted to vetted defenders through the Daybreak Cyber Partner Program and rated 85.6% on the CyberGym benchmark.
They summarize our coverage. We write it.
Newsletters like this one rebroadcast our headlines - often without the full review, the source reading, or the analysis underneath. Our weekly briefing sends the work they paraphrase, straight from the desk, before they get to it.
Free, weekly, no spam. One email every Tuesday. Unsubscribe anytime.

OpenAI's GPT-5.5-Cyber is a cybersecurity-specialized fine-tune of GPT-5.5, restricted to vetted defenders through the Daybreak Cyber Partner Program and rated 85.6% on the CyberGym benchmark.

XBOW's benchmarks show GPT-5.5 cuts vulnerability miss rate to 10%, matches Anthropic's restricted Mythos - and is available to all ChatGPT subscribers.

OpenAI's GPT-5.4-Cyber is a restricted model fine-tuned for defensive cybersecurity with binary reverse engineering and reduced refusal rates, available only through identity-verified access tiers - a direct response to Anthropic's Mythos Preview.

A 26B MoE model fine-tuned on elite bug bounty reports and real evasion techniques runs locally in 16.7GB, delivering WAF bypasses, exploit chains, and zero refusals with internal reasoning blocks.

Microsoft's March 2026 Patch Tuesday fixes 84 vulnerabilities including a CVSS 9.8 RCE discovered by XBOW's autonomous AI agent, an Azure MCP Server SSRF, and an Excel XSS that hijacks Copilot to exfiltrate data.

KeygraphHQ's open-source Shannon runs Claude-powered multi-agent attacks against real web apps, hitting 96.15% on the XBOW benchmark and finding 30+ flaws in OWASP Juice Shop.

A security researcher found that the mcp-kali-server package - shipped in Kali's official repos - interpolates AI-supplied parameters directly into shell commands with shell=True, enabling trivial arbitrary command execution.

Kali Linux's new Claude AI integration funnels scan results, target IPs, and discovered vulnerabilities through Anthropic's cloud API, and the guide's only privacy note is a parenthetical shrug.

A comprehensive roundup of 15+ platforms for practicing AI security, LLM red teaming, prompt injection, and AI agent exploitation - from free CTFs to enterprise cyber ranges.