Codex update pushes OpenAI into higher cybersecurity risk

OpenAI is preparing several Codex releases in the coming weeks, with CEO Sam Altman saying new features will ship next week. The update is expected to move Codex into OpenAI's "High" cybersecurity risk level for the first time, one step below "Critical."

The story centers on a more capable coding AI crossing into a high cybersecurity risk category because it may lower barriers to cyberattacks.

OpenAI is preparing a more capable version of Codex, its code-focused AI model, and the company is attaching a clear warning to the rollout: the update is expected to reach the "High" cybersecurity risk level in OpenAI's own framework for the first time.

CEO Sam Altman announced on X that new features will ship next week. The company is also planning several Codex-related releases in the coming weeks, making this a notable moment for both AI coding tools and AI safety policy.

Why this Codex update matters

Codex is built around software and code. That makes improvements especially consequential because the same capabilities that can help developers move faster can also affect cybersecurity work.

According to Altman, the coming features will push the model into OpenAI's "High" cybersecurity risk category. In OpenAI's framework, only "Critical" sits above that level.

The shift does not mean OpenAI is describing the update as the highest-risk category. It means the company sees the new Codex capabilities as powerful enough to cross a threshold it has not previously crossed for this model line.

For users, the immediate issue is not just whether Codex can write more useful code. It is whether a stronger coding model can also lower the effort needed to find weaknesses, automate parts of an attack, or work against better-protected targets.

What "High" cybersecurity risk means

OpenAI's guidelines describe the "High" level as a point where an AI model can remove existing barriers to cyberattacks. The source gives examples such as automating attacks on well-protected targets or automatically detecting security vulnerabilities.

Those capabilities matter because cybersecurity often depends on friction. Attackers need time, skill, tools, and persistence. Defenders need to identify weaknesses, patch software, and respond before damage spreads.

If a model reduces the work needed to attack systems, it can change that balance. According to the source, these capabilities could disrupt the balance between cyberattack and defense and significantly increase the volume of cyberattacks.

That is why the Codex update is being framed as more than a product release. It is also a test of how OpenAI handles powerful coding models as they become more useful for both legitimate security work and potential misuse.

OpenAI's planned approach

Altman said OpenAI plans to begin with product restrictions intended to prevent people from using the coding models for cybercrime. That suggests the first phase will focus on limiting harmful use cases as the new features become available.

Over time, Altman said the company will shift toward accelerating defenses and helping people fix security vulnerabilities. In practical terms, that frames Codex as a tool OpenAI wants to point toward repair, hardening, and vulnerability response rather than abuse.

The source also says Altman argues that deploying current AI models quickly is essential to making software more secure because more powerful models are on the horizon. That position reflects a broader OpenAI safety stance captured in the phrase "not publishing is not a solution either."

The reasoning is straightforward: if stronger models are coming, then defenders may need access to capable tools sooner rather than later. But that logic also creates tension, because releasing stronger tools can expand access for everyone, including people with harmful goals.

The line between "High" and "Critical"

OpenAI's highest cybersecurity risk level is "Critical." The source describes that category as a level where a model could find and develop functional zero-day exploits across all severity levels in many hardened, critical systems without human intervention.

It could also independently develop and execute novel cyberattack strategies against protected targets from only a rough objective. That is a much more severe capability profile than the "High" level described for the upcoming Codex update.

The distinction matters. "High" is still serious because it can remove barriers and scale harmful activity. But "Critical" points to autonomous discovery and execution of attacks against hardened systems, including previously unknown security vulnerabilities.

The source says the ability to find end-to-end exploits for any software could allow individual actors to hack military or industrial systems, or even OpenAI's own infrastructure. OpenAI's framework says this could lead to disasters through new types of zero-days or new methods of remotely controlling compromised systems.

What to watch next

The immediate timeline is short. Altman said new features will ship next week, while several Codex releases are planned in the coming weeks.

The central question is how OpenAI balances access, restriction, and defensive use. The company is signaling that the model's cybersecurity capabilities are advancing, while also saying it wants to steer those capabilities toward fixing vulnerabilities.

For software teams and security professionals, the bigger takeaway is that AI coding models are moving deeper into cybersecurity-sensitive territory. Codex is no longer just a productivity story. It is becoming part of the broader debate over whether advanced AI tools will strengthen software defense faster than they expand the attack surface.