TL;DR: In April, Anthropic announced an AI model called Mythos that had reportedly found thousands of serious security bugs in every major operating system and web browser. The reaction was loud: The Bank of England warned regulators it could “crack the whole cyber risk world open”, US Treasury called in the big banks, NHS England closed all its public code repositories inside two weeks.
Five weeks on, the dust has settled and the picture looks different: Independent reviewers pulled the headline numbers apart. The creator of curl, one of the most widely used open-source tools in the world, ran the Mythos report against his own code and found it had identified one minor flaw, calling the hype “primarily marketing”. 99% of Mythos’s claimed findings remain unpublished and unverified.
What did happen in those five weeks is that the open-source world fixed and disclosed its share of the bugs publicly, in the open, on commit logs anyone can read. That is open source working as it is supposed to, so don’t call open-source a liability.
The lesson for our administrations is the opposite of NHS England’s. Closing your code does not make you safer. Funding the open ecosystem you already depend on, and using similar AI tools defensively on your own code, does.
May 15, 2026
Google and Microsoft publish transparency reports twice a year on government data requests. But beyond the country-by-country subpoenas lies a second layer of US legal instruments that no data residency commitment can neutralise.
May 6, 2026
Bram Buijs, board member of the Dutch Open Source Business Alliance, is joining the BeLibre meetup to tell us how DOSBA brought in 42 members in a single year and joined the European umbrella organisation APELL.
It’s a story spanning more than a quarter century of trial and error: DOSBA is the fourth Dutch attempt at organising the open source business sector. The first dates back to 1999. Why did the three predecessors fail, and why is DOSBA succeeding?
May 6, 2026
This guest contribution was reposted from LinkedIn and translated with the author’s permission.
I read the FT article somewhere between two meetings. And I had to stop for a moment.
Not because it was so impressive. But because it was so rare. A government saying what it wants, why it wants it, and then simply… starting.
“The important thing is that we become independent from centralised, monopolistic providers. That is what we are striving for, step by step.”
May 2, 2026
#
Meetup, 7 May 2026
Katrien Bernaerts will be speaking with us at the BeLibre meetup. Anyone attending is welcome to join the presentation.
#
Topic
What grew quietly for years is now genuinely picking up pace.
Since 2012, we’ve been taking the first steps towards open digital learning with Xerte, reinforced by H5P from 2015 onwards.
April 30, 2026
