惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Apple Machine Learning Research
Apple Machine Learning Research
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Security @ Cisco Blogs
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Cisco Talos Blog
Cisco Talos Blog
Cyberwarzone
Cyberwarzone
SecWiki News
SecWiki News
Webroot Blog
Webroot Blog
L
LINUX DO - 最新话题
V
Vulnerabilities – Threatpost
T
Troy Hunt's Blog
Cloudbric
Cloudbric
L
LINUX DO - 热门话题
Google DeepMind News
Google DeepMind News
H
Heimdal Security Blog
S
Schneier on Security
NISL@THU
NISL@THU
The Hacker News
The Hacker News
Attack and Defense Labs
Attack and Defense Labs
A
Arctic Wolf
V2EX - 技术
V2EX - 技术
Security Latest
Security Latest
AWS News Blog
AWS News Blog
Scott Helme
Scott Helme
W
WeLiveSecurity
S
Secure Thoughts
Y
Y Combinator Blog
GbyAI
GbyAI
H
Hackread – Cybersecurity News, Data Breaches, AI and More
博客园 - Franky
量子位
人人都是产品经理
人人都是产品经理
雷峰网
雷峰网
K
Kaspersky official blog
P
Privacy & Cybersecurity Law Blog
T
Tenable Blog
The GitHub Blog
The GitHub Blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
J
Java Code Geeks
Vercel News
Vercel News
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Schneier on Security
Schneier on Security
云风的 BLOG
云风的 BLOG
小众软件
小众软件
Engineering at Meta
Engineering at Meta
宝玉的分享
宝玉的分享
C
CERT Recently Published Vulnerability Notes
Security Archives - TechRepublic
Security Archives - TechRepublic
C
CXSECURITY Database RSS Feed - CXSecurity.com
P
Palo Alto Networks Blog

LWN.net

[$] A look at MinIO alternatives: Ceph and Garage Podman 6.0 released [$] Hardening the kernel with allocation tokens and bootpatch-SLR Security updates for Thursday [LWN.net] [$] LWN.net Weekly Edition for June 25, 2026 [$] Fedora: 2FA, or not 2FA, that is the question [$] A helper library for BPF arenas [$] Reports from OSPM 2026, day two Security updates for Wednesday [LWN.net] [$] KASAN for JIT-compiled BPF code Sunsetting Tor 0.4.8 Security updates for Tuesday [LWN.net] GIMP 0.54.1 in a Flatpak [$] Free-threaded Python: past, present, and future First preview release of Xfce [$] Reports from OSPM 2026, day one Security updates for Monday [LWN.net] Systemd v261 released [$] Suspending and resuming BPF programs [$] AURpocalypse now: a look at the recent AUR attacks Security updates for Friday [LWN.net] Eight new stable kernels for Friday The Software Freedom Conservancy [$] The first half of the 7.2 merge window Mastodon 4.6 released [$] Single-hop block replication with RMR and BRMR Security updates for Thursday [LWN.net] [$] LWN.net Weekly Edition for June 18, 2026 Fedora F44 election results Everything security at PyCon US 2026 [$] Some buffer-heads cleanup work FairScan 2.0 released Security updates for Wednesday [LWN.net] The LWN public topics list [$] The state of Fedora in 2026 Firefox 152.0 released KDE Plasma 6.7 released Security updates for Tuesday [LWN.net] [$] Development statistics for the 7.1 kernel Stenberg: curl summer of bliss Security updates for Monday [LWN.net] The 7.1 kernel has been released [$] An overlayfs update Hundreds of AUR packages compromised Security updates for Friday [LWN.net] Homebrew 6.0.0 released [$] Automatic mTHP creation in 7.2 Security updates for Thursday [LWN.net] [$] LWN.net Weekly Edition for June 11, 2026 Larson: Are insecure code completions a vulnerability? [$] AI agent runs amok in Fedora and elsewhere Buildroot 2026.05 released Security updates for Wednesday [LWN.net] Future of Ubuntu MATE [$] Eliminating long-lived credentials with trusted publishing Asahi Linux warns users not to upgrade to macOS 27 beta [$] BPF loop verification with scalar evolution Security updates for Tuesday [LWN.net] Linux App Summit 2026 (Heise) Three stable kernels for Tuesday Moving beyond fork() + exec() Ruby's Bundler adds a cooldown feature Security updates for Friday [LWN.net] Dave Airlie on Linux Kernel Maintenance (SE Radio) [$] Splicing out vmsplice() One step forward, two steps back on CA age bill (EFF Deeplinks Blog) Security updates for Thursday [LWN.net] [$] LWN.net Weekly Edition for June 4, 2026 [$] Open-source security is not a solo activity [$] BPF in the agentic era Tridgell: rsync and outrage Security updates for Wednesday [LWN.net] [$] Caching for extended attributes [$] Trying to make sense of package-manager metadata Vim Classic 8.3 released Security updates for Tuesday [LWN.net] Ombredanne: An AI agent ported our codebase from Python to Rust [$] Representing the true signatures of kernel functions Seven stable kernels for the first day of June DistroWatch turns 25 [$] Reconsidering x32 — again Multiple redhat-cloud-services npm packages compromised (StepSecurity Blog) Fedora F44 election interviews published Security updates for Monday [LWN.net] Kernel prepatch 7.1-rc6 [$] A trademark dispute over MeshCore [$] A loadable crypto module for FIPS certification Nesbitt: Protestware for coding agents Security updates for Friday [LWN.net] Rust 1.96.0 released Górny: why Gentoo? [$] Policies for merging new filesystems IBM's 'Project Lightwell' [$] Separating memory descriptors from struct page Security updates for Thursday [LWN.net] LWN.net Weekly Edition for May 28, 2026 Interview session with Jonathan Corbet MOT: a tool to fight openwashing in AI Andrew Morton's 2004 OLS keynote Further progress toward removing the page map count
The
[Posted June 26, 2026 by corbet] · 2026-06-26 · via LWN.net
The Linux Foundation, in a letter co-signed by a large range of organizations and companies, has announced the launch of "Akrites", a project to fast-track vulnerability fixes into projects.
As Akrites works upstream to fix projects at the source, we commit to support downstream efforts to secure critical infrastructure before it can be exploited. When patches are released to the public, adversaries are able to utilize AI to rapidly reverse engineer the underlying vulnerabilities, develop exploits, and launch attacks. The success of our efforts therefore will be measured in patch deployment, not publication. We will partner with critical infrastructure owners and operators, civil society efforts, and governments as they increase coordination to achieve these goals.

Confidentiality is non-negotiable: An undisclosed flaw in a widely deployed package is, in effect, a weapon, and the program is built first to prevent leaks. Fixes flow back into each project's own home, working with the maintainers. The engineering resources and other capabilities provided by Akrites participants contribute to this effort. Additionally, when a critical package has no one maintaining it, Akrites will stand as the maintainer of last resort so a fix can still reach everyone in a timely fashion. We will also align with government efforts so that public and private defenders move together, rather than in a disjointed fashion.