{"id":237781,"date":"2026-06-26T11:35:00","date_gmt":"2026-06-26T15:35:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/26\/software-ai-companies-form-alliance-to-tackle-open-source-security-flaws\/"},"modified":"2026-06-26T11:40:43","modified_gmt":"2026-06-26T15:40:43","slug":"software-ai-companies-form-alliance-to-tackle-open-source-security-flaws","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/26\/software-ai-companies-form-alliance-to-tackle-open-source-security-flaws\/","title":{"rendered":"Software, AI companies form alliance to tackle open-source security flaws"},"content":{"rendered":"<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/software-ai-alliance-open-source-security-flaws\/823889\/\">Software, AI companies form alliance to tackle open-source security flaws<\/a><\/p>\n<p><a href=\"https:\/\/www.cybersecuritydive.com\/news\/software-ai-alliance-open-source-security-flaws\/823889\/\">https:\/\/www.cybersecuritydive.com\/news\/software-ai-alliance-open-source-security-flaws\/823889\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-26 11:35:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.cybersecuritydive.com\">www.cybersecuritydive.com<\/a><\/p>\n<p>Author: <a href=\"\"><\/a><\/p>\n<p> Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n<p>A coalition of technology companies, including Anthropic, AWS, IBM and Microsoft, announced a joint effort to find, disclose and remediate security flaws in open-source software.\u00a0<br \/>\nThe group, called Akrites, will establish a shared security incident response team as well as a coordinated vulnerability disclosure process.\u00a0<br \/>\nThe founding members, led by the Linux Foundation, will commit extensive resources to the effort, including funding, engineers and cybersecurity expertise.\u00a0<br \/>\nOfficials said the plan was mainly driven by the emergence of frontier AI models that radically accelerated the ability to discover vulnerabilities in critical software applications. In recent months, malicious actors have demonstrated the ability to weaponize AI for use in sophisticated attacks.\u00a0<\/p>\n<p>The existing open-source ecosystem does not have the ability to discover and remediate vulnerabilities fast enough to protect millions of users from potential attacks. The group outlined some of these concerns in an open letter to the industry.\u00a0<br \/>\n\u201cArtificial intelligence has collapsed the previous equilibrium between attackers and defenders, changing the equation of ease and reuse of software,\u201d the coalition wrote in the letter.\u00a0<br \/>\nDisclosure backlog<br \/>\nAkrites is designed to address some of the systemic challenges facing the open-source community in terms of developing a coordinated vulnerability disclosure process, according to Christopher Robinson, CTO of Open Source Security Foundation and chief security architect of the Linux Foundation.\u00a0<br \/>\nThe emergence of large language models and sophisticated scanning tools in recent years has made all of those historic challenges even more serious.<br \/>\n\u201cUpstream projects are being inundated with vulnerability reports of varying degrees of quality which far exceeds these volunteer developers\u2019 ability to evaluate and keep up,\u201d Robinson told Cybersecurity Dive.<br \/>\nSeed funding for Akrites will be provided by Alpha Omega, which is a directed fund under the Linux Foundation. Other organizations are being asked to provide additional resources or engineering talent.\u00a0<br \/>\nThe open-source community has faced mounting concerns in recent years about the inability of traditional maintainers to quickly discover and disclose vulnerabilities in order to prevent widespread supply chain attacks.\u00a0<\/p>\n<p>Varun Badhwar, co-founder and CEO of Endor Labs, said more than 23,000 vulnerabilities were discovered just one month after the announcement of Project Glasswing, impacting about 1,000 open-source projects. These include about 6,000 vulnerabilities that were considered high severity or critical.\u00a0<br \/>\nIn addition, Glasswing\u2019s partners found another 10,000 high-severity or critical flaws. Only 5% of these vulnerabilities have been fixed.\u00a0<br \/>\n\u201cNo volunteer ecosystem was built to absorb that,\u201d Badhwar told Cybersecurity Dive.\u00a0<br \/>\nOther founding companies in Akrites include Cisco, Citi, JPMorgan Chase, NVIDIA, OpenAI, Ericsson and others.\u00a0<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Software, AI companies form alliance to tackle open-source security flaws https:\/\/www.cybersecuritydive.com\/news\/software-ai-alliance-open-source-security-flaws\/823889\/ Publish Date: 2026-06-26 11:35:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":237782,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/3NognAIFplFKPUfL1YfrecEBito0GDXf4JIJD0uomCE\/g:ce\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9nZXR0eWltYWdlcy02NTUxNDY5NTYtMTcwNjY3YS5qcGc=.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[26,20,24,27],"class_list":["post-237781","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-ai","tag-artificial-intelligence","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237781"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=237781"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237781\/revisions"}],"predecessor-version":[{"id":237783,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/237781\/revisions\/237783"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/237782"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=237781"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=237781"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=237781"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}