Linus Torvalds says AI tools are flooding security lists with duplicate findings

Linus Torvalds says the Linux security mailing list has become nearly unmanageable due to a flood of AI‑generated bug reports, many of which are duplicates produced by researchers using the same automated tools. He argues that AI‑found bugs are rarely secret, making private reporting pointless and creating unnecessary churn for maintainers who must repeatedly redirect reporters to already fixed issues. Torvalds urges researchers to add real value by submitting patches instead of low‑effort drive‑by reports. His comments highlight growing tension between AI‑assisted security research and the practical workload it creates for open‑source maintainers.

Read the full story on The Register →