Akrites: Major tech firms unite to defend open source from AI-accelerated attacks

For decades, open source software has underpinned critical infrastructure like banking, telecom, and utilities. But artificial intelligence has fundamentally shifted the security landscape: what once took expert weeks to discover now takes an AI minutes, often yielding multiple vulnerabilities in a single pass. Maintainers are overwhelmed by a flood of uncoordinated reports, and every undisclosed flaw becomes a potential weapon. This is not a future risk—it is the present condition of every system we depend on.

In response, a coalition of 20+ organizations including Amazon Web Services, Anthropic, Google, Microsoft, OpenAI, NVIDIA, and Red Hat have launched Akrites—the largest coordinated effort in history to secure open source software. Akrites provides maintainers with a single, trusted Security Incident Response Team instead of hundreds of duplicate reports. It works upstream to fix vulnerabilities at the source, then partners with governments and critical infrastructure operators to ensure rapid patch deployment. Confidentiality is paramount, and Akrites will serve as maintainer of last resort for abandoned critical packages. The goal: match or surpass the speed of AI-assisted attackers through collective defense.