I honestly think this argument (that cheap vulnerabilities means more zero days) is backwards. Making vulnerability detection cheaper shifts the balance in favor of the good guys, because it dilutes the size of the black market that the discoverers might otherwise be tempted to sell into.

Stated differently: right now black hat hacking is a valuable skill that can be turned into money easily. Once everyone can do it the incentives shift and the black hats will disappear. And that leaves the next most incentivized group in control of the market, who are presumably the software vendors.

Basically Microsoft and Google and company used to have to pay bug bounties and pray. Now it's practical just to throw a few million dollars at Anthropic instead.