Exactly, the entire AI industry has been trying to create an AI powered security arm race. I am not necessarily blaming them.
Hard to know how much has been thrown into this but I would bet a lot.
So far I have been very surprised we haven't been flooded by those type of announcements. If you look you will always find something and OpenBSD is the top price.
They are throwing tokens at codebases and finding mostly vulnerabilities in cases that have not been worth the limited time and effort of the chronically underfunded and understaffed professional groups. There’d be a lot more value in the companies giving the money they spend on their synthetic text extruders to the organizations doing quality security research work.
> they are ... finding ... vulnerabilities ... that have not been worth the time and effort ...
that's kinda the entire point