On Friday, OpenAI launched Codex Security, an AI security agent that identifies vulnerabilities and suggests fixes for them. The feature is in research preview for ChatGPT Pro, Enterprise, Business, and Edu customers through Codex web and is free for the next month.
“It builds deep context about your project to identify complex vulnerabilities that other agentic tools miss, surfacing higher-confidence findings with fixes that meaningfully improve the security of your system while sparing you from the noise of insignificant bugs,” the company said.
Codex Security is an improved version of Aardvark, launched by OpenAI in private beta in October 2025, designed for developers and security teams to identify and address security vulnerabilities effectively.
During the beta phase, Codex Security has scanned over 1.2 million commits in external repositories in the past 30 days, uncovering 792 critical and 10,561 high-severity vulnerabilities. These issues affect various open-source projects such as OpenSSH, GnuTLS, GOGS, Thorium, libssh, PHP, and Chromium. Some examples:
GnuPG – CVE-2026-24881, CVE-2026-24882
GnuTLS – CVE-2025-32988, CVE-2025-32989
GOGS – CVE-2025-64175, CVE-2026-25242
Thorium – CVE-2025-35430, CVE-2025-35431, CVE-2025-35432, CVE-2025-35433, CVE-2025-35434, CVE-2025-35435, CVE-2025-35436
The new version is easier to understand and focuses on clarity.
The AI company states that the latest version of the application security agent uses advanced models and automated checks to reduce false positives and provide clear solutions.
OpenAI’s scans of the same repositories over time have shown improved accuracy and reduced false positive rates, which have dropped by over 50%.
“OpenAI said Codex Security is designed to improve signal-to-noise by grounding vulnerability discovery in system context and validating findings before surfacing them to users,” The Hacker News reported.
