Athena: a clearinghouse led by Chainguard
Chainguard is leading Athena, a newly formed coalition of roughly two dozen companies that has committed to using AI to prevent attacks on open source software. Founding members include BNY, Cisco, Cloudflare, Corridor, DepthFirst, Docker, JPMorganChase, Kyndryl, LTM, and PwC, among others. The coalition accepts vulnerability findings generated by “all frontier models,” according to Lorenc, and aims to make the process of finding and fixing open source bugs “as easy to consume as possible.”
How Athena uses frontier models — and what it has already found
Athena members are running advanced models — including Anthropic’s Mythos and OpenAI’s GPT‑5.5‑Cyber in partner programs — against proprietary code, applications, and third‑party libraries. Chainguard says Athena has processed more than 20,000 findings and developed over 2,000 patches across 500 open source projects. Anthropic separately reported using Mythos Preview to scan more than 1,000 open source projects and estimated 6,202 high or critical‑severity vulnerabilities.
Lorenc emphasized a structural feature of modern applications: “95 percent of the code in any of these codebases is open source.” The practical result, he said, is that running these new models at the application level turns up a great many vulnerabilities in open source components that organizations cannot simply patch themselves.
The disclosure and remediation workflow Athena is building
Athena members submit full reports to Chainguard, which acts as a clearinghouse: deduplicating and correlating findings and addressing them in batches across whole libraries. Rather than delivering single fixes for single bugs, the coalition says it hardens projects “against classes of vulnerabilities.” Affected projects are rebuilt as private, hardened versions and made available to Athena members through Chainguard Libraries; public disclosure then follows about a month later in the hope that fixes are addressed upstream.
For projects whose maintainers can’t make a permanent fix, Athena offers to act as a “maintainer of last resort.” Chainguard itself is not part of Anthropic’s Project Glasswing or OpenAI’s Daybreak, Lorenc noted, but many Athena customers and partners do have access to those programs and the advanced bug‑hunting models they provide.
Akrites and the Linux Foundation: a parallel industry coordination effort
The Linux Foundation announced Akrites — an industry coalition to defend open source software against AI‑enabled threats — and established a shared Security Incident Response Team (SIRT) and a standardized Coordinated Vulnerability Disclosure (CVD) process. Founding companies named by the Linux Foundation include Amazon Web Services, Anthropic, Chainguard, Cisco, Citi, Endor Labs, Ericsson, Google, IBM, JPMorganChase, Microsoft and GitHub, Nvidia, OpenAI, RapidFort, Red Hat, Rust Foundation, Sonatype, Vodafone, and Zscaler.
Lorenc described Akrites as a necessary counterpart to the raw output of models: “As AI finds more vulnerabilities, the industry will rush to patch them. Without coordination, those fixes will fragment across different patches and forks, and maintainers who are already overwhelmed, unreachable, or haven't touched a project in years.” The shared SIRT and CVD are intended to give maintainers “a single partner — and disclosure — to work with on remediation instead of a hundred uncoordinated reports.”
What this means for open-source maintainers, enterprise security teams, and attackers
- Open‑source maintainers: Will face a surge of reports and, in many cases, patched forks or private, hardened builds issued by coalitions like Athena when upstream fixes are not immediately possible. Athena’s offer to act as a “maintainer of last resort” is explicitly aimed at projects that cannot effect a permanent upstream fix.
- Enterprise security teams and procurement leads: Are running frontier models on proprietary code and applications and finding large numbers of vulnerabilities in the open source components they depend on — prompting a need to coordinate disclosure, to consume Chainguard’s hardened libraries, or to engage with coalitions rather than chasing dozens of upstream maintainers individually.
- Attackers and opportunistic exploiters: Are on a compressed timeline, according to Lorenc, because “the time to exploit — that's the time between a CVE's public disclosure and first confirmed in‑the‑wild exploitation — has essentially collapsed.” That compression heightens the risk that an application will be vulnerable before a patch is available upstream.
Lorenc’s blunt assessment captures the immediate operational reality: better models find more bugs, and the industry must now coordinate fixes or watch those fixes fragment across forks and private builds. Athena has promised to begin its first wave of public disclosures in about three weeks; the Linux Foundation’s Akrites has set up a SIRT and standard CVD to offer another path to coordinated remediation. Between those moves and the raw scanning statistics released by Anthropic and Chainguard, the coming weeks will be a test of whether coordination can keep pace with what Lorenc calls “this crazy, new model” capability — or whether the summer will be, indeed, messy.