Linux Foundation and 20 tech giants launch Akrites to fix open-source flaws before AI-powered attacks hit

Insight summary

• •The Linux Foundation and about 20 tech companies have launched Akrites to protect open-source software from AI-driven attacks.
• •Akrites replaces the current uncoordinated vulnerability reporting system with a centralized Security Incident Response Team (SIRT).
• •The initiative vets reports confidentially and coordinates repairs, using standards like CVE, CVSS, and TLP for disclosure.
• •Akrites will act as a maintainer of last resort to patch abandoned open-source projects directly.
• •Founding members include major companies such as Amazon Web Services, Google, Microsoft, and OpenAI.
• •The initiative seeks to address the accelerating threat from AI tools that can rapidly identify and exploit software flaws.
• •Seed funding comes from the Linux Foundation's Alpha-Omega fund, with open invitations for further contributions.