La nouvelle initiative de cybersécurité d’OpenAI a une leçon pour la cryptographie : arrêtez d’attendre le piratage
Burns Brief
OpenAI a lancé une nouvelle initiative de cybersécurité, Daybreak, le 11 mai, conçue pour trouver, valider et aider à corriger les vulnérabilités logicielles avant que les attaquants ne puissent les exploiter. La nouvelle a secoué les acteurs du marché, les baissiers cherchant à faire baisser les prix tandis que les haussiers tentent de défendre les niveaux de support clés. Surveillez $NEAR pour connaître la réaction : un mouvement décisif au-dessus ou en dessous des niveaux clés confirmera la prochaine tendance.
OpenAI introduced a new cybersecurity initiative, Daybreak, on May 11, designed to find, validate, and help fix software vulnerabilities before attackers can exploit them. The firm describes the approach as making software “resilient by design,” moving security earlier into the build cycle through AI-assisted code review, threat modeling, patch validation, and dependency analysis. For crypto, where a software failure can result in an immediate capital loss within a single block, the urgency is clear. The standard pattern in the crypto industry is reactive, going through a pre-launch audit, post-deployment monitoring, response when funds move, a post-mortem on the method , vulnerability patching, reimbursement negotiation, and governance debate. That model has the weakness that the bug comes to light only once the capital has already moved. The window between deployment and exploit is when risk runs highest, and defenses run thinnest. TRM Labs' 2026 Crypto Crime Report showed that illicit actors stole $2.87 billion across nearly 150 hacks and exploits in 2025. Infrastructure attacks via compromised keys, wallet infrastructure, privileged access, front-end surfaces, and control planes drove $2.2 billion of that total. Code exploits, the category most audits directly address, accounted for $350 million, or 12.1%. Hacken's data for the first quarter reinforces that audit-centric security has real limits, since Web3 lost $482 million across 44 incidents in a single quarter. Six of those incidents involved audited protocols, including one that had received 18 separate audits. A $282 million theft involved no code exploit, with the attacker bypassing the contract layer entirely and compromising the operational and social infrastructure around it. CertiK's most recent wrench-attack report noted that 34 verified physical coercion incidents occurred globally between January and April 2026, up 41% from the same period in 2025, with estimated losses of approximately $101 millio
Key Takeaways
- OpenAI introduced a new cybersecurity initiative, Daybreak, on May 11, designed to find, validate, and help fix software vulnerabilities before attackers can exploit them
- For crypto, where a software failure can result in an immediate capital loss within a single block, the urgency is clear
- That model has the weakness that the bug comes to light only once the capital has already moved
- The window between deployment and exploit is when risk runs highest, and defenses run thinnest
- TRM Labs' 2026 Crypto Crime Report showed that illicit actors stole $2