36
The 90 day disclosure policy is dead (blog.himanshuanand.com)
submitted 1 week ago by cm0002@toast.ooo to c/linux@programming.dev
5 comments fedilink hide all child comments

Article on the new wave of AI-generated bug reports, and how patches are quickly turned into exploits with automation assistance.

There are really plenty of them, including in commercial software - Firefox has for April twenty times more security bugs reported than normal.

I can't tell how dramatic this is really. Maybe this is being cooked a tad hotter than it is eaten. Some reports on AI capabilities are basically clever marketing - or even outright misleading.

What is clear is that distros will need to fix more bugs, and it will take some time until most uncovered bugs are fixed.

Users will need to update more frequently.

Frugal configurations might become even more attractive.

Who is in for a bad time are probably vendors and users of "connected" devices which were never designed to be updated. Every Smart TV, Amazon Echo, "Smart" home device, or "Smart" toothbrush will likely become open to black hats or enemies of peace and democracy which invade your home network. Including medical stuff...

Some devices should probablybe put in a Farady cage - say anything that would be able to start a fire.

you are viewing a single comment's thread
view the rest of the comments
[-] Fizz@lemmy.nz 5 points 1 week ago

https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

Firefox security team has gone over verified and patched all these bugs. They used to do 30 a month and then they got access to mythos and found 70 bugs then last month they found 423

I really worry for developers if they are going to get bombarded with hundreds of "P0" incidents that must be fixed immediately. The pressure on developers is bad enough as is.

[-] CodeMonkey@programming.dev 3 points 1 week ago

I am curious about what will happen next month. Will Mythos find 500-1000 new bugs or will Mozilla have fixed every bug pattern Mythos knows and they will get few if any additional bugs? Will Mythos start hallucinating bugs or suggesting exploits that require an impossible coincidence to occur?

load more comments (2 replies)
this post was submitted on 14 May 2026
36 points (95.0% liked)

Linux

13774 readers
611 users here now

A community for everything relating to the GNU/Linux operating system (except the memes!)

Also, check out:

Original icon base courtesy of lewing@isc.tamu.edu and The GIMP

founded 2 years ago
MODERATORS
Ategon@programming.dev
anzo@programming.dev
dwraf_of_ignorance@programming.dev