Search

Claude Code Security detects 500+ vulnerabilities, Runway integrates Kling 3.0 and Sora 2 Pro

Claude Code Security detects 500+ vulnerabilities, Runway integrates Kling 3.0 and Sora 2 Pro

A busy week for AI development tools: Anthropic launches Claude Code Security to detect vulnerabilities directly in codebases, Runway unifies the best video models into a single platform, and GitHub Copilot extends its model picker to Business and Enterprise customers. Meanwhile, OpenAI publishes its first results on a high-level mathematical challenge, and Perplexity details the security architecture of its Comet browser.


Claude Code Security: 500+ vulnerabilities detected in open source

February 20, 2026 — Anthropic launches Claude Code Security, a feature integrated into Claude Code (web interface) available in limited research preview. The tool allows security teams to detect vulnerabilities in their codebases and obtain targeted patches, subject to human validation.

Anthropic’s Red Team used Claude Opus 4.6 to identify over 500 vulnerabilities in production open source projects—bugs present for decades, undetected despite years of review by experts.

Unlike traditional static analysis tools (based on known rules and patterns), Claude Code Security reasons about code like a human security researcher: it understands interactions between components, traces data flow through the application, and detects complex vulnerabilities (business logic, broken access control) that classic tools miss.

Each discovery goes through a multi-step verification process: Claude re-examines its own results to eliminate false positives, assigns severity levels, then displays results in a dashboard with suggested patches and a confidence score. Human approval remains mandatory before any action.

AspectDetail
AccessLimited research preview
TargetsEnterprise and Team customers
Open sourceAccelerated free access for maintainers
ApprovalAlways human—Claude suggests, human decides
Model usedClaude Opus 4.6

“Introducing Claude Code Security, now in limited research preview. It scans codebases for vulnerabilities and suggests targeted software patches for human review, allowing teams to find and fix issues that traditional tools often miss.” — @claudeai on X

🔗 Full Anthropic Announcement


Claude Code Desktop: previews, CI/PR monitoring, and session mobility

February 20, 2026 — Claude Code Desktop receives three new features positioning it as a more autonomous development environment:

FeatureDescription
PreviewsClaude can preview running apps, read the DOM and React tree, give a second opinion on changes
PR monitoringMonitors CI in the background; with auto-fix (automatic resolution attempts) and auto-merge (merge as soon as checks pass)
Session mobilitySessions follow the developer—/desktop command to bring a CLI session into the desktop app, or push to cloud to resume from web or mobile

PR monitoring with auto-fix represents a concrete step towards a truly autonomous development agent: opening a PR and continuing to work while Claude monitors and resolves CI failures.

🔗 Claude Code Desktop Tweet


Native git worktrees in Claude Code CLI

February 21, 2026 — Boris Cherny (@bcherny), Product Manager for Claude Code, announces native support for git worktrees in Claude Code CLI. The feature was already available in the Desktop app; it now arrives in the CLI.

Each agent gets its own worktree and can work independently—multiple AI agents can therefore run in parallel on different tasks without file conflicts.

🔗 Claude Code git worktree Tweet


Runway becomes a multi-model video and image hub

February 20, 2026 — Runway announces the integration of major video and image generation models directly into its platform. Creators can now switch between the best models without changing tools.

Models available in Runway:

ModelType
Kling 3.0Video
Kling 2.6 ProVideo
Kling 2.5 Turbo ProVideo
WAN2.2 AnimateVideo
GPT-Image-1.5Image
Sora 2 ProVideo

This integration positions Runway as a creation “hub”: a unified interface for films, ads, social media posts, or any other content, with more control and fidelity.

🔗 Runway Announcement


Midjourney V8: final rating phase before launch

February 20, 2026 — Midjourney announces the Final Round of its “V8 Rating Party”, a user preference collection phase to calibrate the V8 aesthetic personalization system. This round will last until the official launch—a clear signal of an imminent release.

Users vote between pairs of images representing different aesthetics. The presented images are not representative of the final model but serve to train personalization systems.

🔗 Midjourney Updates


GitHub Copilot: extended model picker, Zed GA, deprecations

February 19, 2026 — Three simultaneous updates for GitHub Copilot:

Model picker for Business and Enterprise

The Copilot coding agent model picker, launched in December 2025 for Pro and Pro+ plans, is now available for Copilot Business and Copilot Enterprise.

Available ModelProvider
Auto (default)
Claude Opus 4.5 / 4.6Anthropic
Claude Sonnet 4.5 / 4.6Anthropic
GPT-5.1-Codex-MaxOpenAI
GPT-5.2-Codex / GPT-5.3-CodexOpenAI

If no model is enabled by the administrator, Claude Sonnet 4.6 is automatically used.

🔗 Changelog — Model Picker Business/Enterprise

GitHub Copilot in Zed — General Availability

GitHub makes its partnership with Zed official, a high-performance editor written in Rust (created by the founders of Atom). Copilot subscribers (Pro, Pro+, Business, Enterprise) can use their existing subscription in Zed without an additional AI license.

🔗 Changelog — Copilot in Zed GA

Deprecated models in Copilot

Since February 17, 2026, three models are no longer available in all Copilot experiences:

Deprecated ModelSuggested Alternative
Claude Opus 4.1Claude Opus 4.6
GPT-5GPT-5.2
GPT-5-CodexGPT-5.2-Codex

Enterprise admins should verify their model policies in Copilot settings.

🔗 Changelog — Deprecated Models


OpenAI First Proof: 5 out of 10 mathematical proofs validated

February 20, 2026 — OpenAI publishes results of its submissions to the First Proof challenge, a contest designed to test if AI systems can produce correct proofs on specialized mathematical research problems.

An internal model (under training, unnamed) was submitted to the 10 challenge problems. According to expert feedback, at least 5 proofs (problems 4, 5, 6, 9, 10) have a high probability of being correct, with several others remaining under review. The model operated with limited human supervision.

OpenAI notes that the model “became increasingly capable” throughout training, solving problems in progressive order. This result follows a series: IMO gold medal in July 2025 (35/42 points), then research experiments with GPT-5.

🔗 Our First Proof submissions


ChatGPT: interactive code blocks with Mermaid, Vega, HTML, and React

February 19, 2026 — OpenAI makes code blocks in ChatGPT interactive. Users can now create, edit, and preview code directly in the chat interface.

FeatureDescription
Diagrams and mini-appsLive creation and preview in chat
Split-screen viewSide-by-side code review
Full-screen modeFull-screen editing
Supported formatsMermaid, Vega, HTML, React (and more to come)

This is an “early launch” being rolled out gradually, with intentions to enrich code blocks over time.

🔗 OpenAI Devs — Interactive Code Blocks


Perplexity Comet: detailed security architecture, open-source BrowseSafe

February 20, 2026 — Perplexity publishes an in-depth article on the security architecture of Comet, its agentic AI browser. Facing Comet’s extended capabilities (web browsing, content interaction, complex task execution), the team details protection measures implemented from the start.

DateStep
April 2025Pre-launch audit by Trail of Bits—threat modeling, adversarial testing
October 2025Publication of 4-layer defense architecture + bug bounty launch
December 2025Open-sourcing of BrowseSafe (detection model + benchmark)

BrowseSafe in open source covers:

  • 14,719 examples of real and synthetic attacks
  • 11 attack types (hidden HTML, CSS, content confusion, goal hijacking…)
  • 9 injection strategies documented
  • 3 linguistic styles tested

🔗 Perplexity Hub Article — Comet Security


Gemini CLI v0.29.0: Plan Mode and Gemini 3 by default

February 17, 2026 — Version v0.29.0 of Gemini CLI brings four improvements:

FeatureDetail
Plan ModeNew planning capability with /plan command and enter_plan_mode tool
Gemini 3 DefaultPreview flag removed: Gemini 3 enabled by default for everyone
Extension ExplorationNew UI to explore and manage extensions
Admin ControlAllowlist for specific MCP server configurations by administrators

🔗 Gemini CLI Changelog


NotebookLM: prompt-based revisions and PPTX export

February 17, 2026 — NotebookLM rolls out two updates for Slide Decks:

  • Prompt-Based Revisions: modify slides directly via natural prompt (adjust, rephrase, re-style)
  • PPTX Support: export Slide Decks in PowerPoint format (.pptx)—Google Slides announced as next step

🔗 Tweet @NotebookLM


Gemini 3.1 Pro integrated into Perplexity Pro and Max

February 19, 2026 — Perplexity integrates Gemini 3.1 Pro into its AI search engine. The model is immediately accessible for Pro and Max subscribers (not Free), presented as “Google’s most advanced model” in the selector.

Since early February, Perplexity has integrated Claude Opus 4.6 (Feb 9), Claude Sonnet 4.6 (Feb 17), and Gemini 3.1 Pro (Feb 19)—that is three frontier models in two weeks.

🔗 Announcement @perplexity_ai


Qwen3-Coder-Next available via Alibaba Cloud API

February 20, 2026 — Qwen makes its coding model Qwen3-Coder-Next available via Alibaba Cloud Model Studio API. The model, initially launched as open-source on February 2, is now accessible via scalable endpoints. It has also been integrated into Alibaba Cloud’s Coding Plan, an offering dedicated to software development.

🔗 Tweet @Alibaba_Qwen


Minor updates

Claude Code Hackathon — Results (Feb 21) — The latest Claude Code hackathon concluded with 500 builders spending a week exploring Opus 4.6 and Claude Code. The “Keep Thinking” prize goes to TARA by Kyeyune Kazibwe: a dashcam pipeline → African infrastructure investment recommendations, tested on a road under construction in Uganda. 🔗 Tweet @claudeai

NotebookLM Video Overviews mobile (Feb 21) — It is now possible to customize Video Overviews directly in the NotebookLM mobile app. 🔗 Tweet @NotebookLM

Pomelli Photoshoot — Google Labs (Feb 20) — Google Labs launches Photoshoot in Pomelli: generation of product visuals ready for marketing campaigns from a single photo (templates, prompt editing, creation from scratch). 🔗 Tweet @GoogleAI

Organization-level Copilot metrics dashboard (Feb 20) — A new Copilot usage metrics dashboard is available in public preview at the organization level. 🔗 GitHub Changelog


What this means

Claude Code Security marks a turning point: Anthropic is no longer positioning itself just as a developer productivity tool, but as a player in defensive cybersecurity. Integrating vulnerability detection directly into an AI IDE—with mandatory human supervision—addresses a recurring criticism of AI coding tools generating code without verifying its security. The 500 vulnerabilities found in real open source projects are a concrete argument.

On the creative platforms side, Runway confirms its aggregator strategy: rather than developing a single flagship model, the company bets on multi-model integration (Kling, WAN, Sora, GPT-Image) to offer a unified interface. It’s a different bet from Midjourney, which continues to iterate on its own models with V8.

On the development side, the multiplication of models available in GitHub Copilot (Claude Opus 4.6, GPT-5.x-Codex) and its expansion to Zed indicates a convergence: code assistance tools are becoming multi-model interfaces rather than single-provider wrappers.


Sources