⚡️OpenAI launches Aardvark, a GPT-5 agent for code security

Every big software project hides a few nasty surprises. Vulnerabilities sneak in through small commits, unnoticed until they break something important or worse, expose data.

Security tools can help, but they often drown engineers in false alarms or miss logic errors that only a human reviewer would spot.

That's the problem Aardvark takes on. Built by OpenAI and powered by GPT-5, Aardvark acts like an autonomous security researcher that scans your repositories, understands code behavior, and proposes fixes.

It doesn't use traditional methods like fuzzing or static analysis. Instead, it reads, reasons, and tests code the way a real engineer would.

How it works
Once connected to your GitHub repository, Aardvark runs a full scan to understand your system and build a threat model like a map of what's important to protect. It then keeps watch as you push new commits.

Flags suspicious code changes in real time.
Tests each finding in a sandbox to confirm it's exploitable.
Generates a Codex-based patch for human review.
Submits pull requests directly into your workflow.

Performance and results
OpenAI reports that Aardvark identified 92% of known and synthetic vulnerabilities in benchmark repositories. It has already uncovered and disclosed ten real CVEs in open-source projects.

Who can use it
Right now, Aardvark runs in private beta for select enterprise and open-source partners. You can integrate it with GitHub or CI/CD pipelines, giving it repository access to scan code, propose fixes, and annotate findings.

Aardvark isn't just a vulnerability scanner. It's a new kind of teammate: an AI that reads your codebase like a researcher, tests its own findings, and learns how to make your next commit safer.

TRY NOW

Find out how to make every AI investment count

AI is all the rage, but are you using it to your advantage? Find out how to make every AI investment count. We love this practical guide from You.com that walks through a proven framework to identify and prioritize high-value AI opportunities.

You'll learn how to:

Map internal workflows and customer journeys to pinpoint where AI can drive measurable ROI
Ask the right questions when it comes to AI use cases
Align cross-functional teams and stakeholders for a unified, scalable approach

Learn more with this AI Use Case Discovery Guide.

DOWNLOAD GUIDE NOW

partner with us

Signals

Microsoft launches Researcher with Computer Use, letting Copilot browse, navigate, and act securely online

1,167 Likes

OpenAI adds a new credit system to extend Codex and Sora access for Plus and Pro users after limits are reached

3,378 Likes

Google raises Gemini 2.5 caching discount to 90%, reducing input token costs for repeated prompts

1,649 Likes

Moonshot AI unveils Kimi Linear, an open-source linear attention model achieving 6× decoding speed on long-context tasks

993 Likes

Perplexity debuts Patents, an AI research agent with direct access to global patent databases

901 Likes

Papers

New "Memory Folding" tech gives DeepAgent brain-like reasoning powers

1,849 Likes

The method bridges reinforcement learning i.e., on-policy and supervised distillation which is off-policy. It uses reverse-KL per-token loss, training students on what they actually produce, reducing compounding errors and enabling smaller models to perform like larger ones.

Alibaba introduces AgentFold, a dynamic memory system for web agents

1,382 Likes

AgentFold replaces passive history logs with active context management. It selectively compresses past steps to retain key details, surpassing DeepSeek-V3.1-671B and OpenAI o4-mini using only supervised fine-tuning.

Google's VISTA teaches video models to improve themselves over time

1,584 Likes

Google and NUS introduce VISTA, a self-improving video generation agent that iteratively refines prompts through multi-agent feedback. It improvs video quality and alignment by 60% over state-of-the-art baselines.

How To

Train SmolLM3: The Complete Hugging Face Training Guide

This guide walks through the full process of training SmolLM3, using Hugging Face's new Smol Training Playbook. It explains how to design, run, and analyze pretraining and post-training experiments for language models.

The playbook closes the trilogy that started with FineWeb for dataset creation and Ultrascale for infrastructure scaling.

You'll learn how to:

Prepare and curate datasets for model pretraining
Configure and launch distributed training across GPU clusters
Tune hyperparameters systematically for optimal results
Apply post-training techniques to boost model quality
Log, compare, and analyze experiments for reproducibility
Manage scaling challenges and efficiency trade-offs in training

LEARN MORE

At Alpha Signal, our mission is to build a sharp, engaged community focused on AI, machine learning, and cutting-edge language models, helping over 200,000 developers stay informed and ahead. We're passionate about curating the best in AI, from top research and trending technical blogs to expert insights and tailored job opportunities. We keep you connected to the breakthroughs and discussions that matter, so you can stay in the loop without endless searching. We also work closely with partners who value the future of AI, including employers and advertisers who want to reach an audience as passionate about AI as we are.

Our partnerships are based on shared values of ethics, responsibility, and a commitment to building a better world through technology.Privacy is a priority at Alpha Signal. Our Privacy Policy clearly explains how we collect, store, and use your personal and non-personal information. By using our website, you accept these terms, which you can review on our website. This policy applies across all Alpha Signal pages, outlining your rights and how to contact us if you want to adjust the use of your information. We're based in the United States. By using our site, you agree to be governed by U.S. laws.