One bug found is a testament to the great diligence and culture around security of OpenBSD. Especially if you take into account the amount of resources they have been able to achieve this with.
While I agree, OpenBSD also doesn't fully implement features/functionality.
If your operating system only does 20% of what another operating system can do, it's easier for you to have 80% less bugs.
That's not a knock, it's a design philosophy of OpenBSD (which is to do the minimal needed, and no more, in the most simplistic way).
Exactly, the entire AI industry has been trying to create an AI powered security arm race. I am not necessarily blaming them.
Hard to know how much has been thrown into this but I would bet a lot.
So far I have been very surprised we haven't been flooded by those type of announcements. If you look you will always find something and OpenBSD is the top price.
+1
It is also a testament to solid engineering and attention to good security practices in general. These still work, also against fancy new AI attackers.
When sophisticated attacks become cheaper to run, maybe it will (finally) be cheaper to do more solid engineering instead of doing it quick and dirty and ending up in indefinite bug-squashing mode.