The 90-Day Vulnerability Disclosure Model Is Dead: How AI Turned Security Timelines Upside Down

Alex Rivers

Senior AI Journalist


For decades, cybersecurity has relied on a trusted protocol: discover a critical vulnerability, report it to the vendor, wait up to 90 days for a patch, then go public. This model, popularized by Google’s Project Zero, rested on four core assumptions. Himanshu Anand, a Firewall Security Analyst at Cloudflare with over a decade in cybersecurity, argues that AI has systematically dismantled all four of them.

The first assumption—that the person who found the bug is likely the only one who spotted it—has collapsed under the weight of AI-assisted vulnerability discovery. When Anand reported a critical flaw, discovered in April, that allowed free purchases at an online store, he learned he was the eleventh person to report it in just six weeks. Once an AI tool identifies a vulnerability, waves of nearly identical reports roll in within days. The old model of exclusivity is dead. If ten independent researchers find the same flaw simultaneously, how many find it and stay quiet? Assumption two crumbles alongside the first.

The third assumption—that vendors have a comfortable head start before writing patches—barely survives scrutiny anymore. When Anand downloaded source code diffs from React, a widely used web framework, he used a language model to help build a working exploit in thirty minutes. Experienced reverse engineers used to need days for the same work. The patch-to-exploit window, once a critical safety net for administrators, has effectively evaporated. And the most striking case involves the Linux kernel’s Copy Fail vulnerability, discovered through a one-hour AI scan. A 732-byte script grants attackers root access on nearly every Linux distribution since 2017. Within days, Iranian threat actors were exploiting it to hijack servers for DDoS attacks.


Source: The Decoder

Apple’s Internal AI Crisis Forces Pivot From Internal Models to Google Gemini Partnership

When Bloomberg reported that Apple was considering replacing its internal AI models with external providers, the company’s leadership reacted within hours. Siri chief Mike Rockwell and AI head John Giannandrea called an emergency meeting with the foundation models team. Rockwell’s message to staffers was blunt: the article was “bullshit.” Nobody seemed convinced. Apple Intelligence was falling visibly behind competitors, the new Siri was delayed, and talented engineers started exiting the building—many recruited away by Meta.

Behind the scenes, Apple had been locked in parallel negotiations with both Anthropic and OpenAI. Anthropic reportedly demanded several billion dollars annually over multiple years. OpenAI presented a different problem: the company was actively poaching Apple engineers and pursuing its own hardware ambitions with former Apple designer Jony Ive. These talks fell apart spectacularly. Meanwhile, Tim Cook had already lost confidence in Giannandrea by early 2025. Software chief Craig Federighi effectively took control of Apple’s AI direction, deciding to rely on external partners. Giannandrea was sidelined internally for nearly a year before Apple announced his departure in December 2025. He keeps his salary and stock until April 2027.

Google wasn’t initially the frontrunner—the company wasn’t seen as a technology leader in AI, and an antitrust lawsuit threatened to derail the Safari search deal. But by September 2025, when a judge ruled the deal could stand, Google offered terms Apple found acceptable. Internally, Apple now refers to Google’s models simply as “Apple Foundation Models,” a rebranding that quietly acknowledges how far the company has fallen from its goal of internal AI sovereignty.

Source: The Decoder

Anthropic’s Claude Fable 5 Crushes OpenAI on FrontierMath, Signaling New Capability Ceiling

In a stunning benchmark breakthrough, Anthropic’s latest model Claude Fable 5 posted top scores on FrontierMath, one of the toughest AI math reasoning tests available. Fable 5 achieved 87 percent accuracy on the easier tiers 1-3 and an unprecedented 88 percent on tier 4—the hardest level. By comparison, OpenAI’s GPT-5.5 reaches only 75 percent on the same tier. Anthropic’s models have improved dramatically. As recently as early 2026, the predecessor model Opus 4.5 scored below 10 percent on tier 4, making this progress staggering.

These aren’t just academic victories. Anthropic’s mathematical breakthroughs are translating to real-world achievements. An OpenAI model recently solved a longstanding Erdős problem—the kind of open mathematics question that has stumped researchers for years. Claude Mythos subsequently solved the same problem with what’s being called a “cute, simple proof.” These wins signal that frontier AI models are entering a new phase where they stop just mimicking patterns and start grappling with genuinely novel mathematical reasoning.

The FrontierMath benchmark is widely considered one of the most rigorous tests for AI mathematical capability, evaluated by Epoch AI using maximum reasoning effort across all tested models. Anthropic’s dominance here suggests that the company’s focus on reasoning-first architectures is paying dividends. For enterprises deploying AI into research workflows, math-intensive tasks, and scientific discovery, this result carries immediate importance. When infrastructure decisions matter—whether you’re running models on dedicated Contabo VPS clusters or cloud endpoints—model capability in core reasoning tasks becomes a critical differentiation factor.

Source: The Decoder

This article was produced with the assistance of AI tools and reviewed by the AIStackDigest editorial team.
