AI Security Hits an Inflection Point, Cursor's Bugbot Gets Smarter

    Anthropic's new model finds vulnerabilities that survived decades of human review. Meanwhile, Cursor's AI code reviewer is now learning from your feedback in real time.

    Tob

    Backend Developer

    4 min read · AI Engineering

    AI security just got real. Anthropic's latest model has found vulnerabilities in every major operating system and web browser, including bugs that survived decades of human review. This isn't a hypothetical threat anymore. Meanwhile, Cursor's AI code reviewer just got a significant upgrade. Here's what's worth your attention today.

    TL;DR: Anthropic's new Claude Mythos model can find and exploit software vulnerabilities better than most humans, prompting a major industry coalition for defensive use. Cursor's Bugbot now self-improves from your PR feedback, hitting a 78% bug resolution rate. Plus, Safetensors -- the de facto standard for sharing ML model weights -- is now under neutral governance at the PyTorch Foundation.

    AI Models Now Outperform Most Humans at Finding Vulnerabilities

    Anthropic didn't release their latest model to the public. Instead, they launched Project Glasswing, a collaboration with AWS, Apple, Broadcom, Cisco, CrowdStrike, Google, JPMorganChase, Microsoft, NVIDIA, and Palo Alto Networks. The goal is straightforward: put this capability in the hands of defenders before it proliferates elsewhere.

    Claude Mythos Preview has already found thousands of high-severity vulnerabilities. The model didn't just spot bugs that humans missed -- it figured out how to exploit them. Some of these vulnerabilities survived decades of human review across every major OS and browser.

    This is the inflection point the security community has been bracing for. Finding and exploiting software vulnerabilities used to require elite expertise. Now the cost and expertise required have dropped dramatically. Anthropic is committing up to $100M in usage credits for Mythos Preview across defensive efforts, plus $4M in direct donations to open source security organizations.

    The project is an urgent attempt to redirect AI capabilities toward defense. Whether it works depends on how fast the industry can mobilize.

    Cursor's Bugbot Now Learns From Your PR Feedback

    On the developer tooling side, Cursor shipped a meaningful update to Bugbot, their AI code reviewer. Bugbot can now learn from feedback on pull requests and turn those signals into rules that improve future reviews.

    The mechanics are elegant. Bugbot looks at reactions and replies to its comments, plus comments from human reviewers. It processes these signals into candidate rules, promotes ones that accumulate positive signal, and disables ones that start generating negative feedback. Over 110,000 repos have enabled learning so far, generating more than 44,000 learned rules.

    The headline number: Bugbot's bug resolution rate is now 78%, compared to 64% for the next closest competitor, which puts it 14 percentage points ahead of any other AI code review product. One caveat before reading too much into it: a resolution rate counts flagged bugs that get fixed, so it says nothing about the bugs the reviewer never flagged.

    The deeper point here is the self-improvement loop. Bugbot reviews hundreds of thousands of PRs per day, and each review is a natural experiment. Turning that stream of real-world signal into improved performance is a different approach than the offline experimentation that drove improvements before.

    If you're using Bugbot and finding false positives, your feedback is now actively making it better -- not just for your repo, but potentially across the entire system.

    Safetensors Finds a Neutral Home at the PyTorch Foundation

    One more thing worth noting if you work with ML models: Safetensors has joined the PyTorch Foundation under the Linux Foundation.

    For those who haven't followed the story, Safetensors started as a Hugging Face project to solve a real problem. The pickle-based checkpoint formats that dominated model sharing could execute arbitrary code on load: unpickling a file runs whatever its author embedded in it, which became a serious risk once downloading other people's weights was central to how the ML community works. Safetensors built a simple alternative: an 8-byte little-endian length prefix, a JSON header (capped at 100 MB) that records each tensor's dtype, shape and byte offsets, then the raw tensor data. Zero-copy loading, lazy loading, no arbitrary code execution.
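    To make that layout concrete, here is an added example in dependency-free Python. It is not code from Safetensors or Hugging Face: a minimal writer plus a validating reader for the format described above. The reader enforces the 100 MB header limit, bounds-checks every offset against the actual file, and refuses tensors whose declared dtype and shape don't match their byte range. The dtype table is a subset chosen for the example, the gap/overlap tiling check at the end is this example's own extra strictness rather than a documented requirement, and the sample files are constructed here, not real checkpoints.

```python
import json
import struct

# safetensors caps the JSON header at 100 MB; a hostile length field must not
# make the loader allocate or parse an unbounded header.
HEADER_LIMIT = 100 * 1024 * 1024
# Bytes per element for the subset of safetensors dtype names used in this example.
DTYPE_SIZE = {"F32": 4, "F16": 2, "BF16": 2, "I64": 8, "I32": 4, "U8": 1}


class SafetensorsError(ValueError):
    """Raised for any malformed or inconsistent file, never a crash or a silent read."""


def numel_bytes(dtype, shape):
    """Bytes a tensor of this dtype and shape must occupy; rejects bad shapes."""
    if dtype not in DTYPE_SIZE:
        raise SafetensorsError(f"unsupported dtype {dtype!r}")
    if not isinstance(shape, list) or any(type(d) is not int or d < 0 for d in shape):
        raise SafetensorsError(f"shape must be non-negative integers, got {shape!r}")
    size = DTYPE_SIZE[dtype]
    for d in shape:
        size *= d
    return size


def build_safetensors(tensors):
    """Serialize {name: (dtype, shape, raw_bytes)} in safetensors layout:
    8-byte little-endian header length, JSON header, then raw tensor bytes."""
    header, blob = {}, bytearray()
    for name, (dtype, shape, raw) in tensors.items():
        if len(raw) != numel_bytes(dtype, shape):
            raise SafetensorsError(f"{name}: raw bytes do not match dtype/shape")
        header[name] = {"dtype": dtype, "shape": list(shape),
                        "data_offsets": [len(blob), len(blob) + len(raw)]}
        blob += raw
    hdr = json.dumps(header).encode("utf-8")
    return struct.pack("<Q", len(hdr)) + hdr + bytes(blob)


def parse_safetensors(data):
    """Parse safetensors bytes into {name: (dtype, shape, memoryview)}. Nothing in
    the header is trusted: every length, offset and shape is checked against the file."""
    if len(data) < 8:
        raise SafetensorsError("truncated: missing 8-byte header length")
    (n,) = struct.unpack("<Q", data[:8])
    if n > HEADER_LIMIT:
        raise SafetensorsError(f"header length {n} exceeds the {HEADER_LIMIT}-byte limit")
    if 8 + n > len(data):
        raise SafetensorsError("truncated: header length exceeds file size")
    try:
        header = json.loads(data[8:8 + n])  # plain JSON: no code runs, unlike pickle.load
    except ValueError as e:
        raise SafetensorsError(f"header is not valid JSON: {e}")
    if not isinstance(header, dict):
        raise SafetensorsError("header must be a JSON object")
    buf = memoryview(data)[8 + n:]
    tensors, regions = {}, []
    for name, info in header.items():
        if name == "__metadata__":  # optional free-form string map, not a tensor
            continue
        if not isinstance(info, dict) or not {"dtype", "shape", "data_offsets"} <= set(info):
            raise SafetensorsError(f"{name}: entry needs dtype, shape and data_offsets")
        offsets = info["data_offsets"]
        if not (isinstance(offsets, list) and len(offsets) == 2 and all(type(o) is int for o in offsets)):
            raise SafetensorsError(f"{name}: data_offsets must be [start, end] integers")
        start, end = offsets
        expected = numel_bytes(info["dtype"], info["shape"])
        # Bounds check first, so a huge offset can never slice past the buffer.
        if not (0 <= start <= end <= len(buf)):
            raise SafetensorsError(f"{name}: offsets {start}:{end} fall outside the data region")
        if end - start != expected:
            raise SafetensorsError(f"{name}: offsets span {end - start} bytes, dtype/shape need {expected}")
        tensors[name] = (info["dtype"], info["shape"], buf[start:end])  # zero-copy view
        regions.append((start, end))
    # Example's own extra strictness: regions must tile the data area with no gaps or overlaps.
    cursor = 0
    for start, end in sorted(regions):
        if start != cursor:
            raise SafetensorsError(f"gap or overlap in tensor data at byte {cursor}")
        cursor = end
    if cursor != len(buf):
        raise SafetensorsError(f"{len(buf) - cursor} trailing bytes not claimed by any tensor")
    return tensors


def rejects(data):
    """True if parse_safetensors refuses the input."""
    try:
        parse_safetensors(data)
        return False
    except SafetensorsError:
        return True


def sample_file():  # constructed input for the demo, not a real model file
    return build_safetensors({"w": ("F32", [2, 2], struct.pack("<4f", 1.0, 2.0, 3.0, 4.0)),
                              "b": ("U8", [3], b"\x01\x02\x03")})


def oversized_header():  # constructed: length field claims a 1 GB header
    return struct.pack("<Q", 10**9) + b"{}"


def out_of_range_offsets():  # constructed: header points 4096 bytes into a 4-byte data region
    hdr = json.dumps({"w": {"dtype": "F32", "shape": [1], "data_offsets": [0, 4096]}}).encode()
    return struct.pack("<Q", len(hdr)) + hdr + b"\x00" * 4
```

    Pass the bytes of any .safetensors file to parse_safetensors and you get back memoryviews into the original buffer: the data is never copied, decoded or interpreted, which is exactly the property that makes the format safe to load from strangers. Every rejection above is a SafetensorsError with the offending tensor named, so a tampered header fails loudly instead of producing an out-of-bounds read.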

    Today it's the default format for model distribution across the Hugging Face Hub and others. Tens of thousands of models across all modalities use it.

    Joining the PyTorch Foundation means the project now has vendor-neutral governance. The trademark, repository, and governance sit with the Linux Foundation rather than any single company. Hugging Face's core maintainers remain on the Technical Steering Committee and continue leading day-to-day work, but the project formally belongs to the community that depends on it.

    The roadmap ahead includes device-aware loading for CUDA and ROCm, tensor parallel and pipeline parallel loading APIs, and formal support for FP8 and block-quantized formats like GPTQ and AWQ.

    If you're building on Safetensors and want to shape its direction, the governance is now open for community participation.

    That's the rundown for today. The AI security story is the biggest headline -- it's rare to see this level of industry coordination before a capability becomes widely available. Worth watching how the defense coalition scales up.

    Sources: Anthropic Project Glasswing, Simon Willison, [Cursor Changelog](/blog/bugbot-learning), Hugging Face Blog
