Depthfirst’s AI agent found 21 FFmpeg zero-days for $1,000. Chrome 149 patched a record 429 bugs. AI is flooding defenders with more bugs than they can handle.
A security startup’s autonomous AI agent found 21 previously unknown vulnerabilities in FFmpeg, the open-source media library embedded in almost everything that touches video. The startup, depthfirst, says the run cost roughly $1,000 in compute. Some of the bugs had been hiding in the codebase for more than 20 years.
Days later, Google shipped Chrome 149 with patches for 429 security bugs, the most ever in a single browser release. Over 100 are critical or high severity. The two events arrived independently, but they point in the same direction: AI is finding vulnerabilities faster than humans can fix them.
Depthfirst’s agent scanned FFmpeg’s roughly 1.5 million lines of C and produced a reproducible proof-of-concept for each of the 21 zero-days. Most are heap or stack overflows in parsers and demuxers, spanning components from the TS demuxer to the VP9 decoder. One stack overflow in the service-description-table code dates to 2003.
Nine already carry CVE identifiers (CVE-2026-39210 through CVE-2026-39218). The rest have been fixed upstream but not yet numbered. Depthfirst has published proof-of-concept code.
FFmpeg is not new to AI-driven bug hunting. Google’s Big Sleep agent reported a run of FFmpeg bugs last year. Anthropic’s Mythos model pulled a 16-year-old H.264 flaw and others out of FFmpeg for about $10,000. Depthfirst claims to have done comparable work at a tenth of the cost.
Chrome 149’s record haul is a different story. Google has not attributed the 429 vulnerabilities to AI. But the company overhauled its bug bounty programme in April after a flood of AI-generated submissions, now asking researchers for concise reproducers instead of the long writeups AI tends to produce.
The worst bug, CVE-2026-10881, scores 9.6 on the CVSS scale. It is an out-of-bounds read and write in the ANGLE graphics engine that lets a crafted page escape Chrome’s sandbox and run code on the host. Google paid $97,000 for the report. Of the 22 critical bugs, 19 were found internally.
The pattern keeps repeating. An autonomous tool recently found an authenticated remote code execution flaw in Redis that had gone unnoticed for over two years. A February study showed an AI agent could reproduce working exploits for more than half of 100 real Linux kernel bugs, beating traditional fuzzing.
The hard problem is shifting. Finding these bugs has become cheap. Triaging the reports, shipping the fixes, and getting them installed has not. Much of that work still falls on volunteers and a thin layer of human triagers now expected to keep pace with machines. Mozilla patched 271 Firefox vulnerabilities found by Mythos in a single pass. The question is no longer whether AI can find the bugs. It is whether anyone can fix them fast enough.
I’ve driven a lot of EVs lately, and many of them seem obsessed with feeling futuristic at all costs. Some are great tech showcases, but not all of them are particularly easy to live with day to day.
The 2026 Polestar 3 Dual Motor Performance is different because it doesn’t lean into that over-the-top EV personality. It feels like a proper luxury SUV first, and an electric vehicle second.
With 680 horsepower on tap, it’s seriously quick when you want it to be. But the real story is how normal it feels when you’re just going about daily driving.
Pros
Cons
Feels more like a normal luxury SUV than a typical EV
Strong performance
Excellent interior quality
Firm ride
Smaller cargo space than rivals
Expensive options that put the price up quickly
A luxury SUV first, an EV second
It behaves more like a traditional premium SUV than a futuristic EV
The first thing you notice about the 2026 Polestar 3 is how little it tries to act like a typical EV. It doesn’t lean on gimmicks or exaggerated futuristic styling cues.
Instead, it feels like a well-sorted luxury SUV that just happens to be electric. That approach instantly separates it from much of the competition.
The steering feels natural, and the ride is controlled without feeling overly soft or disconnected. It avoids the detached “floating tech pod” sensation that some EVs still struggle with.
Even in Performance trim, it never feels dramatic for the sake of it. Everything is tuned around calmness and everyday usability.
This EV SUV surprised me—it’s packed with space and comfort, even if the drive itself is a bit mellow.
A driving position that feels more focused than expected
Lower, tighter, and more engaging than a large SUV has any right to be
Credit: Adam Gray | How-To Geek
You sit lower in the Polestar 3 than you might expect for a large SUV. That gives it a slightly cocooned driving position that feels more focused than most rivals.
At first, it almost feels like you’re in something smaller and more sports-oriented. That illusion works especially well in everyday driving.
But the reality check comes when you push harder. The weight shows up under braking and reminds you what this really is.
Most functions are handled through a large central touchscreen running Google’s system. It looks excellent, but it takes time to get used to.
Core controls like drive settings and climate adjustments aren’t instantly accessible. It keeps the cabin visually clean but less immediate in use.
There are also quirks like relocated rear window switches and unlabeled steering wheel buttons. They don’t ruin the experience, but they do take time to learn.
BMW has just revealed its all-new 2026 iX3, a sleek electric SUV designed to rival Tesla with cutting-edge tech, bold design, and impressive range.
A surprisingly roomy and practical luxury SUV
Family-friendly space despite the coupe-like profile
Credit: Adam Gray | How-To Geek
Rear seat space is one of the Polestar 3’s strongest points. The five-seat layout allows generous legroom throughout.
Even taller passengers won’t struggle for space in the back. Headroom is slightly limited by the sloping roofline, but it doesn’t feel restrictive.
Cargo space is average for the class, with a shallow load floor and raised cargo area. You also get underfloor storage plus a small frunk for charging cables and small items.
Polestar has removed most physical controls in favor of a screen-first interior. That keeps the design clean but increases the learning curve.
The 14.5-inch display looks sharp and responds quickly, but key functions often take more steps than expected. Even simple adjustments aren’t always immediate.
It reinforces the modern EV feel, but it also highlights the tradeoff. This is where the “normal SUV feel” starts to give way to full EV complexity.
Hyundai’s flagship three-row EV gets a darker Black Ink makeover and the kind of upscale feel you’d normally expect from far pricier SUVs.
What’s new for 2026
A technical overhaul that fixes early shortcomings
Credit: Adam Gray | How-To Geek
The Polestar 3 had a difficult start to life, with delays and early software issues affecting its rollout. This update feels like the version it should have launched as.
The biggest change is the switch to an 800-volt electrical architecture. That brings much faster charging speeds and shorter stops on compatible fast chargers.
All versions also get new batteries and updated in-house motors. The lineup has been simplified into three clearer variants based on powertrain.
The Dual Motor Performance model now produces 680 horsepower. Despite that, it still feels more like a relaxed luxury SUV than a performance machine most of the time.
You should avoid these cars new, but used examples are a bargain.
Pricing and what you actually get for the money
Expensive, but it feels properly equipped before options get involved
Credit: Adam Gray | How-To Geek
The 2026 Polestar 3 starts at £71,540 ($91,000), rising to £79,540 ($101,000) for the Dual Motor and £87,040 ($111,000) for the Performance. That puts it firmly against the BMW iX and Mercedes EQE SUV rather than mainstream electric SUVs.
Standard equipment is strong across the range, with 20-inch alloy wheels, a 14.5-inch portrait touchscreen, a Bowers & Wilkins sound system, and a full suite of driver assistance tech. It feels well-equipped even before options enter the conversation.
Move up to the Dual Motor and you get dual-chamber air suspension and subtle Swedish gold detailing. The Performance model adds significant power, revised chassis tuning, gold Brembo brake calipers, and gold seatbelts.
Where costs rise is options. Paint starts at £1,000 ($1,270), while Bridge of Weir leather upholstery costs around £3,900 ($4,950).
Even so, it feels more complete out of the box than many rivals in this segment. The base price is high, but it doesn’t feel stripped back or artificially entry-level.
Subaru’s new three-row EV packs 420 horspower, real off-road chops, and enough space for the whole family—without feeling boring.
How-To Geek’s take
An EV that finally behaves like a normal car first
Credit: Adam Gray | How-To Geek
The updated Polestar 3 doesn’t try to reinvent what an electric SUV should be. Instead, it focuses on feeling familiar, calm, and easy to live with.
It still has compromises, including a firm ride and heavy touchscreen reliance. But it avoids the overly futuristic feel that turns some drivers away from EVs entirely.
That’s what makes it work. It feels like an electric SUV for people who don’t usually like electric SUVs, and it commits to that idea from start to finish.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
