DigiNews

Summary

Ars Technica reports that the curl project is ending its vulnerability-bounty program after a surge of low-quality, AI-generated reports, a phenomenon dubbed AI slop. The founder cites strain on a small team and concerns about mental health, with implications for security research quality and open-source project risk. The piece also discusses broader questions about AI-assisted vulnerability discovery and its impact on trusted security workflows.