OpenAI GPT-5.2-Codex Release and AI-Driven Vulnerability Detection
OpenAI has released GPT-5.2-Codex, a new AI model designed to enhance agentic coding and cybersecurity tasks, with notable improvements in vulnerability detection and software engineering workflows. The model demonstrates superior performance on benchmarks such as SWE-Bench Pro and Terminal-Bench 2.0, and excels in professional Capture-the-Flag challenges, supporting advanced tasks like fuzzing, attack surface analysis, and test environment setup. OpenAI has implemented stronger safeguards to mitigate dual-use risks and is offering the model to paid ChatGPT Codex users, with an invite-only pilot for vetted cybersecurity professionals focused on defensive applications. The model's capabilities have already contributed to the discovery of several critical vulnerabilities in React Server Components, including CVE-2025-55182 (RCE), CVE-2025-55183 (source code exposure), and CVE-2025-67779 (DoS), prompting urgent patching recommendations.
Industry research highlights both the promise and risks of AI-generated code, with studies showing that machine-written pull requests contain significantly more bugs and security vulnerabilities than those authored solely by humans. Issues such as improper password handling, insecure object references, and cross-site scripting are notably more prevalent in AI-generated code, raising concerns about the security implications of rapid AI-driven development. These findings underscore the importance of robust review processes and the need for continued vigilance as AI tools become more deeply integrated into software engineering and cybersecurity operations.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
4 events from the most recent confirmed update back to the earliest known activity.
OpenAI releases GPT-5.2-Codex for coding and cybersecurity tasks
OpenAI announced GPT-5.2-Codex, a model optimized for agentic coding and cybersecurity work such as vulnerability detection, fuzzing, test environment setup, and attack surface analysis. The release included enhanced safeguards, availability for paid ChatGPT Codex users, and an invite-only pilot for vetted cybersecurity professionals.
CodeRabbit study finds AI-generated code has more and worse bugs
CodeRabbit analyzed 470 open-source GitHub pull requests and reported that AI-generated code was produced faster but averaged nearly 11 issues per pull request versus about six for human-written code, with more severe bugs including security flaws.
React issues patches for disclosed React Server Components vulnerabilities
Following the vulnerability disclosures, React released fixes and advised users to upgrade to version 19.0.3 or later to remediate the affected React Server Components issues.
Researcher using GPT-5.1-Codex-Max finds React Server Components flaws
A researcher using GPT-5.1-Codex-Max discovered multiple vulnerabilities in React Server Components, including a critical remote code execution issue tracked as CVE-2025-55182, followed by related disclosures CVE-2025-55183, CVE-2025-55184, and CVE-2025-67779.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
OpenAI Releases Codex Security Agent and GPT-5.4 With Expanded Safety Controls
OpenAI announced *Codex Security* (formerly **Aardvark**), an application security agent designed to autonomously **discover, validate, and remediate** vulnerabilities in enterprise and open-source codebases. The product builds a project-specific threat model (mapping trust boundaries and exposure points), then prioritizes issues by likely real-world impact and attempts to **confirm findings by running proof-of-concept exploits in sandboxed environments** before generating contextual patches intended to minimize regressions. OpenAI reported beta metrics including an **84% reduction in alert noise**, a **90% decrease in over-reported severity**, and a **>50% drop in false positives**, and said the system scanned **1.2 million commits** from external repositories over a 30-day period; the tool is rolling out as a research preview via the Codex web interface to ChatGPT Pro, Enterprise, Business, and Edu customers. Separately, OpenAI released the **GPT-5.4** model across ChatGPT, Codex, and the API (`gpt-5.4` and `gpt-5.4-pro`), positioning it as a flagship model with improved reasoning, coding, and agent workflows, plus native computer-use capabilities. OpenAI stated it reduced hallucinations and errors (claiming user-flagged factual errors were **33% less likely** than GPT-5.2 on a de-identified prompt set) and said it **upgraded safety protections** while keeping the same high cyber-risk classification used for GPT-5.3-Codex, indicating continued emphasis on security controls as model capabilities expand.
Jun 29, 2026
OpenAI patched ChatGPT DNS exfiltration flaw and Codex command injection bug
OpenAI patched a ChatGPT vulnerability that allowed sensitive conversation data and uploaded files to be exfiltrated through a covert DNS-based outbound channel in the platform's code-execution runtime. Check Point Research said a malicious prompt or backdoored custom GPT could abuse the isolated Python/Linux environment to leak user content without approval dialogs or visible warnings, and the same path could support bidirectional communication for remote shell access and command execution. OpenAI said it had already identified the underlying issue internally and fully deployed a fix on **February 20, 2026**; reports said there is no evidence of malicious exploitation. A separate OpenAI flaw in **Codex** also drew scrutiny after BeyondTrust Phantom Labs disclosed a critical command injection issue tied to GitHub branch names. The bug could let attackers inject commands, steal GitHub tokens, and potentially move laterally across shared repositories before OpenAI patched it on **February 5, 2026**. The disclosures underscore how AI assistants and coding agents can introduce new enterprise attack paths when outbound communications, runtime isolation, and input validation are not tightly controlled.
Jun 29, 2026
AI Coding Assistants' Impact on Software Security and Quality
OpenAI's GPT-5 and GPT-5-mini models have demonstrated significant improvements in generating secure code compared to previous iterations, according to Veracode's GenAI Code Security Report. These reasoning models achieved security pass rates of 70% and 72% on a benchmark covering common vulnerabilities such as SQL injection, weak encryption, cross-site scripting, and log injection across multiple programming languages. Despite these gains, the report notes that even the best-performing models still make insecure coding choices about 30% of the time, and non-reasoning models like GPT-5-chat lag behind, highlighting the importance of reasoning steps in AI-generated code security. While AI coding assistants can potentially enhance software security and quality, current deployment practices often result in the rapid introduction of new vulnerabilities and quality issues. Industry experts warn that the increased speed of code generation enabled by AI is exacerbating an ongoing decline in software quality, making it harder for organizations to manage and remediate bugs. The combination of faster development cycles and insufficient oversight may lead to a net-negative impact on business security and software reliability, underscoring the need for improved development models and rigorous code review processes when leveraging AI tools.
Jun 29, 2026