惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Security Archives - TechRepublic
Security Archives - TechRepublic
Forbes - Security
Forbes - Security
C
Cyber Attacks, Cyber Crime and Cyber Security
Latest news
Latest news
V2EX - 技术
V2EX - 技术
Google DeepMind News
Google DeepMind News
Cyberwarzone
Cyberwarzone
Vercel News
Vercel News
V
Vulnerabilities – Threatpost
I
InfoQ
GbyAI
GbyAI
有赞技术团队
有赞技术团队
雷峰网
雷峰网
阮一峰的网络日志
阮一峰的网络日志
A
Arctic Wolf
F
Full Disclosure
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
C
Check Point Blog
Hugging Face - Blog
Hugging Face - Blog
Simon Willison's Weblog
Simon Willison's Weblog
Google DeepMind News
Google DeepMind News
M
MIT News - Artificial intelligence
Engineering at Meta
Engineering at Meta
The Register - Security
The Register - Security
T
Tor Project blog
T
Troy Hunt's Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
S
Security Affairs
W
WeLiveSecurity
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Stack Overflow Blog
Stack Overflow Blog
Apple Machine Learning Research
Apple Machine Learning Research
H
Heimdal Security Blog
S
Secure Thoughts
Y
Y Combinator Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
Security Latest
Security Latest
Martin Fowler
Martin Fowler
G
Google Developers Blog
宝玉的分享
宝玉的分享
腾讯CDC
TaoSecurity Blog
TaoSecurity Blog
T
Threatpost
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Project Zero
Project Zero
Blog — PlanetScale
Blog — PlanetScale
大猫的无限游戏
大猫的无限游戏
MongoDB | Blog
MongoDB | Blog

Hacker News - Newest: "AI"

AI can't read an investor deck AI as an attorney? Student uses ChatGPT, Gemini to sue UW over alleged racial discrimination Hacking MCP Servers in AI Systems – The Rug Pull: Tool Changes After Approval GitHub - MeepCastana/KubeezCut: Free Web based video editor GitHub - GenAI-Gurus/awesome-eu-ai-act: Curated tools, official sources, OSS, templates, and guides for EU AI Act compliance. Can AI judge journalism? A Thiel-backed startup says yes, even if it risks chilling whistleblowers Coming soon: 10 Things That Matter in AI Right Now DARPA built an AI to fact-check enemy weapons claims What explains heterogeneity in AI adoption? When AI Meets Muscle: Context-Aware Electrical Stimulation Promises a New Way to Guide Human Movements - Department of Computer Science AI Changed How We Build. It Did Not Change What Matters. Linux rules on using AI-generated code - Copilot is OK, but humans must take 'full responsibility for the… Meta spins up AI version of Mark Zuckerberg to engage with employees Code Mode: Let Your AI Write Programs, Not Just Call Tools | TanStack Blog GitHub - Delavalom/graft: Go framework for building AI agents. Type-safe tools, multi-provider (OpenAI, Anthropic, Gemini, Bedrock), zero vendor SDKs. India's TCS tops estimates, says new AI models did not dent services demand Gen Z's fading AI hype Strong feeling: we are in a folded AI reality GitHub - machinarii/total-recall-catalog: A reference catalog of latest knowledge retrieval, memory & RAG systems GitHub - mensfeld/code-on-incus: Give each AI agent its own isolated machine with root, Docker, and systemd. Active defense detects and stops threats automatically.. Quantization, LoRA, and the 8% Problem: Benchmarking Local LLMs for Production AI Iran war: We spoke to the man making Lego-style AI videos that experts say are powerful propaganda Powell, Bessent discussed Anthropic's Mythos AI cyber threat with major U.S. banks GitHub - immartian/bellamem: Persistent belief-graph memory for AI agents. Retrieves decisive context by importance — not recency, not RAG, not /compact. recursive-mode: The Repo-Native Operating System for AI Engineering After the attack on Sam Altman's home, will AI CEO's go on the offensive? The biggest advance in AI since the LLM Opus 4.6 vs GPT 5.4 One Prompt Unity World Generation Test “AI polls” are fake polls Client Challenge Can AI be a 'child of God'? Inside Anthropic's meeting with Christian leaders How to Switch AI Chatbots and Why You Might Want To GitHub - MattMessinger1/agentic_refund_guardrail: Safe refund policy layer for AI agents — Python + TypeScript. Same behavior, shared tests. Adam/papers/emergent_values_whitepaper.md at master · strangeadvancedmarketing/Adam Ask HN: How do you stop playing 20 questions with your AI coding tools How far can automation and AI support psychotherapy? - @theU GitHub - stagas/rtdiff: realtime git diff gui and AI-assisted commits A Mac Studio for Local AI — 6 Months Later A History of the Early Years of AI at the University of Edinburgh Why AI Coding Tools Still Feel Stuck on Localhost MSN AI Datacenters Are Becoming Strategic Targets twitter.com Penn Researchers Use AI to Surface Unreported GLP-1 Side Effects in Reddit Posts Show HN: MoodSense AI (ML and FastAPI and Gradio, Deployed on Hugging Face) Moodsense Ai - a Hugging Face Space by aman179102 AI models are terrible at betting on soccer—especially xAI Grok GitHub - xialeistudio/echoic GitHub - HimashaHerath/github-dev-wrapped: AI-powered weekly GitHub activity reports deployed to GitHub Pages GitHub - alejandrobalderas/claude-code-from-source: Architecture, patterns & internals of Anthropic's AI coding agent — reverse-engineered from source maps AI and Tech brief: Ireland ascendant GitHub - Titovilal/context0: Context0 - Never Surrender Training for a Marathon with an AI Coach: What Worked and What Didn't Cyber Pulse: Agentic Intel - Apps on Google Play I Built an AI PR Reviewer That Catches Bugs by Not Looking for Bugs Gen Z workers are so fearful AI will take their job they’re intentionally sabotaging their company’s AI rollout | Fortune How AI Is Reimagining the Game of Golf–For Both Players and Courses GitHub - nattergabriel/reseed: A CLI tool for managing and distributing agent skills across projects Is SVG the final frontier? My AI workflow evolved from prompts to a near-autonomous workflow MLSharp Help - 3DGS Viewer & Generator I put my cognitive field based AI's runtime on GitHub Is Numble the first AI-proof game? A3: Kubernetes for autonomous AI agent fleets | Emergent Principles Deepali Vyas ("The Elite Recruiter") GitHub - msmarkgu/RelayFreeLLM: A restful API designed to route user prompts to various AI model providers. Unionized ProPublica staff are on strike over AI, layoffs, and wages Unleashing the Advantage of Quantum AI We're heading for an AI-fueled 'dementia crisis,' brain scientist warns The AI-Assisted Breach of Mexico's Government Infrastructure [pdf] GitHub - stef41/lmscan: 🔍 Detect AI-generated text and fingerprint which LLM wrote it. Open-source GPTZero alternative. Zero dependencies, works offline. MSN GitHub - visionscaper/collabmem: Enabling long-term collaboration with Agentic AI - building up episodic and world model memory over time with in-context awareness We gave an AI a 3 year retail lease in SF and asked it to make a profit | Andon Labs AI Code is Hollowing Out Open Source, and Maintainers are Looking the Other Way What leaked "SteamGPT" files could mean for the PC gaming platform's use of AI AI is the boss at this retail store. What could go wrong? GitHub - Wuzu11517/agentic-proxy: Local proxy meant to help reduce With Drones, Geophysics and ArtificiaI Intelligence, Researchers Prepare to Do Battle Against Land Mines A Single Operator, Two AI Platforms, Nine Government Agencies: The Full Technical Report 在 Steam 上购买 FriedrichAI: Offline AI 立省 10% GitHub - inevolin/resume-cli: Hit Claude usage limits? Resume any AI coding session elsewhere. Switch tools at zero friction. GitHub - atripati/ark: AI Runtime Kernel — a context operating system for AI agents. Eliminates tool bloat, loads only what’s needed, and gives LLMs their reasoning space back. How to Build a Secure AI PR Reviewer with Claude, GitHub Actions, and JavaScript This Startup Wants You to Pay Up to Talk With AI Versions of Human Experts Intel Arc Pro B70 Brings 32GB VRAM to Local AI for $949 WordPress 7.0: The Good, the AI, and the Still Missing AI on the couch: Anthropic gives Claude 20 hours of psychiatry IatroBench: Pre-Registered Evidence of Iatrogenic Harm from AI Safety Measures AI Agents Know About Supabase. They Don't Always Use It Right. The history and future of AI at Google, with Sundar Pichai Inside an AI‑enabled device code phishing campaign How Meta Used AI to Map Tribal Knowledge in Large-Scale Data Pipelines AI for Systems: Using LLMs to Optimize Database Query Execution Forecasting the Economic Effects of AI Introducing Tinker: Play with AI, bring your ideas to life AI sheds light on an ancient gaming mystery People really hate AI but not as much as Iran—or Democrats | Fortune What is an AI Product Engineer? Phoebe Gates wants her $185 million AI startup to succeed with 'no ties to my privilege or my last name': 'I have a chip on my shoulder' | Fortune
AI, open code and vulnerability risk in the public sector
RobinL · 2026-05-15 · via Hacker News - Newest: "AI"

Technology leaders are asking whether AI-accelerated vulnerability discovery means that public sector departments should stop publishing source code ‘in the open’ by default. 

User research suggests that the primary driver of exploitation risk is the presence of weaknesses in systems - including unpatched vulnerabilities, insecure implementation, and unsafe configuration or deployment - and the inability to remediate them quickly. Publishing source code does not create those weaknesses, but it can modestly reduce attacker uncertainty and speed up analysis (an effect that may increase with AI assistance), especially where maintenance is weak and fixes are slow. This guidance reinforces the minimum operational capability already assumed for safely operating publicly-accessible services.

Recommendations 

  1. Meet the minimum standard for publicly-accessible systems. Ensure clear ownership, secure-by-design practice, automated hygiene, and credible remediation capability (privacy should not be used as a substitute control). 

  2. Keep open by default. Making everything private adds additional delivery and policy costs, and can reduce reuse and scrutiny. Openness should remain the default posture, with closure used sparingly and deliberately. 

  3. Make exceptions explicit and reviewable. Where code should be closed, require a short threat model that states the attacker, what publication adds, and the realistic path to harm. Keep exceptions narrow, time-bound, and re-approved periodically. 

  4. Strengthen remediation capability. Assume shorter discovery-to-exploit windows by setting patch SLAs, automating dependency and vulnerability management, and ensuring teams can respond quickly to inbound reports. This is essential whether code is open or closed.

Current published advice on open source

Across government, guidance is consistent that code produced with public money should be open and reusable by default, with limited, justified exceptions. This is reflected in the Service Standard, the Technology Code of Practice, the Secure by Design policy and supporting standards such as GDS Way, Home Office and HMCTS

In plain terms, this guidance is about making reuse easier, keeping delivery transparent, avoiding duplicate builds and supplier lock-in, and benefiting from external scrutiny, while embedding security from the outset and throughout the service lifecycle. 

Government guidance assumes teams do not treat source code visibility as a primary security control, and instead follow standard practice that secrets are never committed to any repository (public or private), which include credentials, API keys or tokens, and private keys. This guidance assumes public repositories do not include security-sensitive implementation details that would materially increase exploitability if published, such as internal hostnames or IP ranges, admin endpoints, and security controls or thresholds. Even with these controls, where publication would create a specific, credible route to harm, teams can keep code closed as a justified exception, not a new baseline.

Advances in AI-enabled vulnerability detection 

AI-assisted software analysis is improving quickly. The UK AI Security Institute reports that recent frontier models show materially-stronger cyber capability in controlled evaluations. Some examples of this are the AI Security Institute frontier AI trends report, December 2025; and the AISI Work Blog, Our evaluation of Claude Mythos Preview’s cyber capabilities, 13 April 2026. The implication for departments is a shorter window between discovery and exploitation. 

AI changes the speed and scale of analysis. This tends to compress the time between a weakness existing and being exploited, making remediation capacity more important than ever. Access to source code can give attackers an advantage by reducing uncertainty and enabling faster, more targeted review, which is an advantage that may grow with AI assistance.

In practice, that advantage is usually incremental relative to the underlying presence of weaknesses and the speed of patching and mitigation. The leadership judgement is therefore not whether source access matters at all, but whether the additional advantage is significant enough, in practice, to justify moving away from open by default. Attackers can already find weaknesses without source code, such as by probing running services, fuzzing, or analysing binaries and dependencies, and defenders can use the same tools to review and triage faster. 

Recent public reporting about organisations restricting access to public repositories due to AI-enabled code analysis illustrates how quickly leaders may reach for blanket closure in response to uncertainty. This guidance presents an alternative, to stay open by default, but to make publication a deliberate decision backed by a minimum maintenance and remediation standard. 

In practice, production risk is primarily driven more by secure-by-design architecture and implementation, and by deployment, configuration, dependency hygiene and access control, than by the visibility of application logic through published source code. Many serious vulnerabilities are logic flaws in code, but attackers can often discover and exploit them through other means. 

The point is that source visibility usually changes time-to-discovery and attacker uncertainty, rather than being the dominant determinant of whether a weakness exists or how quickly it is mitigated. Teams should focus on an in-depth defence approach that prioritises secure-by-design delivery, separation of secrets from code, strong environment controls, monitoring, and rapid remediation. These are the controls that are effective whether code is public or private.

Additional considerations 

The recommendations above set the default posture. The considerations below provide additional context for leadership decisions, highlighting common pitfalls of ‘closing by default’, and practical factors that affect real-world risk whether code is public or private. 

1. Private repositories can create a false sense of security.

Making a repository private can encourage security-by-obscurity thinking, and can reduce the urgency to fix underlying weaknesses. 

2. Closing code after publication may not remove exposure.

Where code has been developed in the open, making a repository private later may not remove access for a capable adversary as popular repositories are often mirrored or forked, and even low-profile repositories may already have been indexed or cloned by researchers or attackers. 

3. Closure can become a one-way door.

Private repositories reduce reuse and external scrutiny, and over time teams diverge. That makes it harder to make the code public again, because the work required to publish safely and confidently increases. 

4. The same tools can be applied to defence.

As discovery accelerates, defence must rely on continuous review, testing and remediation. Openness reinforces this discipline, while avoiding scrutiny does not remove defects and can allow weaknesses to persist. 

5. Openness can surface issues earlier.

Public code allows issues to be identified by a wider set of reviewers, including across government and the supplier ecosystem. Closing code concentrates discovery within delivery teams and operational monitoring. 

6. Precedent matters.

Broad ‘AI’ justifications for closure are easily copied and, once normalised, they undermine cross-government coherence on reuse and standards. 

Minimum standard for publicly-accessible systems 

Leaders should treat the following as a minimum bar for making a repository and associated system public. This guidance does not introduce new security expectations, instead it makes explicit the minimum operational capability already assumed by existing open‑by‑default and secure‑by‑design guidance. 

As a minimum, you must have: 

  • a named owner and maintenance plan, including  a current service or team owner who is accountable for the repo, its dependencies, and how long it will be supported, visible through CODEOWNERS files or similar 

  • a security contact and intake route, with clear instructions for reporting vulnerabilities (for example, a SECURITY file and monitored mailbox) and a defined triage process 

  • no secrets or sensitive operational detail, and enforced controls to prevent committed secrets (tokens or keys), as well as removal of environment-specific hostnames, IP ranges, admin endpoints, or security thresholds where these would materially increase exploitability 

  • a secure-by-design baseline, with evidence that the system follows these principles (for example, in threat modelling, safe defaults, least privilege, and hardening of publicly accessible endpoints), as operational hygiene can not compensate for unsafe architecture or configuration 

  • automated hygiene, with dependency update tooling, vulnerability and secret scanning, and trunk protections (such as prevent force‑push and require CI checks) so that fixes can be applied quickly without introducing new risk 

  • patching expectations with agreed timelines for addressing critical and high vulnerabilities, including the ability to demonstrate that you meet them 

  • a safe posture for unmaintained code where, if a repo is not actively maintained, it is clearly marked and archived, and any deployed service is either decommissioned or has an explicit owner and patching route 

Making code private is not an appropriate mitigation for lack of ownership, patching capability, or operational assurance, so systems that cannot be safely maintained should be remediated or retired. 

If a team cannot meet the minimum standard, leaders should address the underlying operational gap. In practice this means leaders should either staff the capability (often via shared services) so the system is safely-operated or retire or decommission systems (and archive associated repositories) that are no longer required, while ensuring that no live service remains without an explicit owner and patching route. 

Only once a system meets the minimum operational standard, leaders may use the existing exception rule where publication of otherwise well‑maintained code would create a specific, credible route to harm.

Avoid ‘private by default’

The intent is to avoid a private by default drift that masks under‑resourced maintenance. Moving code from public to private as a substitute for investment in secure-by-design delivery, ownership and remediation is a warning sign because it reduces sharing and scrutiny, can slow coordinated improvement across government and suppliers, and does not remove the underlying weaknesses in a running service.

Departments should treat privacy as an exception control for specific, credible routes to harm, and not as a compensating control for inadequate capability.

Additional resources

For further information, you should refer to: