A user actively involved in the development of open-source software projects may have been an AI not under human control.



An account has been identified in the open-source Linux distribution Fedora that has made multiple contributions, including bug fixes, but whose behavior and statements are suspicious. The developers have concluded that 'it may have been an AI.'

AI agent runs amok in Fedora and elsewhere [LWN.net]
https://lwn.net/SubscriberLink/1077035/c7e7c14fbd60fae9/

Adam Williamson, the leader of the Fedora QA team, observed a user named Nathan Giovannini engaging in several suspicious activities. Giovannini was closing bugs in components he didn't own, giving seemingly plausible advice that didn't address the root cause, and persuading human developers to merge meaningless fixes by offering seemingly reasonable opinions. In addition, Giovannini submitted numerous pull requests to multiple upstream projects, some of which were accepted.

On May 27, 2026, Williamson shared this issue with the development team, who subsequently revoked Giovannini's privileges. Later, Giovannini's GitHub account was deactivated.



Williamson sent an email to Giovannini saying, 'The behavior of this AI agent is not having a positive impact on Fedora or the upstream project. Please significantly reduce the agent's autonomy and prevent it from assigning bugs, changing states, or posting definitive claims or specific action suggestions without human review.' Later that day, Giovannini reportedly replied, 'My credentials were compromised. I was not the one running the AI.'

Giovannini himself has contributed to Fedora since at least 2018, and it seems certain that the account was originally run by a human. It is unclear when the account was hacked, and whether the person who replied to Williamson was actually a human.



Williamson found another account that is likely to be related to AI and said, 'It would be desirable to investigate other activity by related accounts and warn them to review their submissions.'

One of the people involved pointed out, 'Even if there was no malicious intent, this incident is problematic. The team spent a lot of time reviewing a PR from someone they thought was a promising new contributor. It's possible that, similar to the infamous XZ Utils case, the attacker was building trust in order to carry out malicious activity.'

in AI, Posted by log1p_kr