Based on the generated threat model, Codex looks for vulnerabilities and rates them by potential real-world impact. It then also proposes patches for the identified flaws.According to OpenAI, Codex Security has been tested against 1.2 million commits over the past 30 days, identifying nearly 800 critical vulnerabilities and more than 10,000 high-severity issues.Vulnerabilities have been found in widely used open source projects such as Chromium, OpenSSL, PHP, GOGS, and GnuTLS.OpenAI’s announcement comes shortly after Claude unveiled its own AI vulnerability scanner, Claude Code Security, which led to the stocks of major cybersecurity companiestumbling.AI-powered vulnerability scanners are not new.GitHubhas offered these capabilities for years, andGoogleclaims to have made significant progress in this area.Related:Hackers Weaponize Claude Code in Mexican Government CyberattackRelated:OpenClaw Vulnerability Allowed Websites to Hijack AI AgentsRelated:Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

According to OpenAI, Codex Security has been tested against 1.2 million commits over the past 30 days, identifying nearly 800 critical vulnerabilities and more than 10,000 high-severity issues.Vulnerabilities have been found in widely used open source projects such as Chromium, OpenSSL, PHP, GOGS, and GnuTLS.OpenAI’s announcement comes shortly after Claude unveiled its own AI vulnerability scanner, Claude Code Security, which led to the stocks of major cybersecurity companiestumbling.AI-powered vulnerability scanners are not new.GitHubhas offered these capabilities for years, andGoogleclaims to have made significant progress in this area.Related:Hackers Weaponize Claude Code in Mexican Government CyberattackRelated:OpenClaw Vulnerability Allowed Websites to Hijack AI AgentsRelated:Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

Vulnerabilities have been found in widely used open source projects such as Chromium, OpenSSL, PHP, GOGS, and GnuTLS.OpenAI’s announcement comes shortly after Claude unveiled its own AI vulnerability scanner, Claude Code Security, which led to the stocks of major cybersecurity companiestumbling.AI-powered vulnerability scanners are not new.GitHubhas offered these capabilities for years, andGoogleclaims to have made significant progress in this area.Related:Hackers Weaponize Claude Code in Mexican Government CyberattackRelated:OpenClaw Vulnerability Allowed Websites to Hijack AI AgentsRelated:Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

OpenAI’s announcement comes shortly after Claude unveiled its own AI vulnerability scanner, Claude Code Security, which led to the stocks of major cybersecurity companiestumbling.AI-powered vulnerability scanners are not new.GitHubhas offered these capabilities for years, andGoogleclaims to have made significant progress in this area.Related:Hackers Weaponize Claude Code in Mexican Government CyberattackRelated:OpenClaw Vulnerability Allowed Websites to Hijack AI AgentsRelated:Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

AI-powered vulnerability scanners are not new.GitHubhas offered these capabilities for years, andGoogleclaims to have made significant progress in this area.Related:Hackers Weaponize Claude Code in Mexican Government CyberattackRelated:OpenClaw Vulnerability Allowed Websites to Hijack AI AgentsRelated:Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

Related:Hackers Weaponize Claude Code in Mexican Government CyberattackRelated:OpenClaw Vulnerability Allowed Websites to Hijack AI AgentsRelated:Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

Related:OpenClaw Vulnerability Allowed Websites to Hijack AI AgentsRelated:Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

Related:Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

Eduard Kovacs (@EduardKovacs) is senior managing editor at SecurityWeek. He worked as a high school IT teacher before starting a career in journalism in 2011. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Get a candid look at the current OT threat landscape as we move past "doom and gloom" to discuss the mechanics of modern OT exposure.

Source: SecurityWeek