Linux Foundation and 20 tech giants launch Akrites to fix open-source flaws before AI-powered attacks hit

https://the-decoder.com/linux-foundation-and-20-tech-giants-launch-akrites-to-fix-open-source-flaws-before-ai-powered-attacks-hit/

Publish Date: 2026-06-26 06:10:00

Source Domain: the-decoder.com

About twenty tech companies, AI labs, and banks are joining forces through Akrites to fix vulnerabilities in critical open-source software before AI tools can exploit them.

The Linux Foundation has announced Akrites, a coordinated industry initiative to patch security flaws in widely used open-source software alongside maintainers before attackers can take advantage. Founding members include Amazon Web Services, Anthropic, Cisco, Citi, Google, IBM, JPMorganChase, Microsoft, NVIDIA, OpenAI, Red Hat, the Rust Foundation, Vodafone, and Zscaler.

The reason is a shift in the balance of power: finding and fixing serious bugs in open-source code used to require comparable expertise on both sides. Modern AI models can now scan a large project in minutes instead of weeks, exposing flaws far faster. Once those abilities are widely available, even attackers without deep technical skills get the tools for sophisticated exploits.

The Linux Foundation describes the current security response model as patchwork. Many organizations scan the same packages independently, report the same findings multiple times, and sometimes deliver conflicting patches. Maintainers get buried under duplicates while real, exploitable bugs get lost in AI-generated noise. Endor Labs CEO Varun Badhwar put the urgency in sharp terms: of thousands of validated open-source vulnerabilities from recent months, fewer than five percent have been patched.

One shared response team instead of a hundred separate reports

At the core of Akrites is a shared Security Incident Response Team (SIRT). It acts as a single, reliable point of contact for open-source project maintainers instead of dozens of organizations independently flagging the same flaws. The team vets incoming reports, filters out duplicates, and then coordinates fixes.

Akrites uses a standardized process for confidential vulnerability disclosure, known in the industry as Coordinated Vulnerability Disclosure. It builds on established standards like…