AI Scanners Expose Thousands of Hidden Open-Source Vulnerabilities

Chainguard launched Athena, a coalition of over two dozen companies using AI to find and fix open-source vulnerabilities before public disclosure. The group has processed more than 20,000 findings and produced over 2,000 patches across 500 projects, with the first coordinated disclosure wave expected in about a month.

Chainguard has launched Athena, an industry coalition of more than two dozen companies using AI to surface and remediate open source vulnerabilities before public disclosure. Dan Lorenc, Chainguard CEO, confirmed the coalition is operational: it has processed more than 20,000 findings and produced over 2,000 patches across 500 open source projects, per Chainguard's official announcement. Founding members include BNY, Cisco, Cloudflare, Corridor, DepthFirst, Docker, JPMorganChase, Kyndryl, LTIMindtree, and PwC. Athena accepts vulnerability findings from all frontier models, including Anthropic's Project Glasswing and OpenAI's Daybreak program which uses GPT-5.5-Cyber . The first coordinated public disclosure wave is expected in approximately one month from the June 15 announcement. The Register quoted Lorenc: "This is going to be a messy summer for everyone."