An 11-year wait ends for one of open source’s oldest games, GitHub turns its own security research tools loose on the world, and a startup bets $20 million that open-source AI doesn’t need Big Tech’s cloud. Here’s what matters today.
NetHack 5.0.0 released — the legendary roguelike’s first major version in over a decade
NetHack, the open-source dungeon crawler that first appeared in 1987, shipped version 5.0.0 on May 2 — its first major release since 3.6.0 in 2015. The changelog runs to over 3,100 fixes and changes, and the architectural overhaul is substantial: the codebase has been brought to C99 compliance, and the old yacc/lex-based level and dungeon compilers have been entirely replaced with Lua-based alternatives that load at runtime. As The Register noted, this is a game so influential it gave its name to the “NetHack school of design” — the philosophy that every possible player action should have a meaningful consequence. The jump from 3.x to 5.0 (skipping 4.x entirely) signals the scale of the rewrite. In an era of live-service games and endless early access, there’s something quietly remarkable about a volunteer-maintained project that’s been in continuous development for nearly four decades and still ships when it’s ready, not when a quarterly earnings call demands it.
GitHub Security Lab released the Taskflow Agent, an MCP-enabled, multi-agent framework for declarative security research workflows. Built on top of the OpenAI Agents SDK with YAML-driven taskflow definitions, it lets researchers script agentic vulnerability discovery without writing code. The numbers from internal use are striking: the framework has surfaced more than 80 security issues across open-source projects, with roughly 20 already publicly disclosed — including authorization bypasses that allowed login as arbitrary users. The timing is notable: as the NHS locks down its repos over fears of AI-powered vulnerability discovery, GitHub is open-sourcing exactly the kind of tool that makes those fears concrete. The difference is that GitHub is betting on the “more eyes” side of the argument — that broadly accessible AI security tools help defenders more than attackers, because defenders can run them on their own codebases proactively, while attackers already have their own tooling.
Featherless.ai raises $20M Series A to build hardware-neutral open-source AI infrastructure
Featherless.ai, the serverless inference platform for open-source models, closed a $20 million Series A co-led by AMD Ventures and Airbus Ventures, with BMW i Ventures, Kickstart Ventures, and others participating. The company supports over 30,000 open models across language, vision, and audio, and differentiates itself with a hot-swapping technique that loads models into GPU memory on demand in under five seconds. The investor list tells the strategic story: AMD wants an inference ecosystem that isn’t locked to NVIDIA’s CUDA, Airbus wants sovereign AI options, and BMW wants vendor-neutral deployment for automotive AI. Founded by the team behind RWKV — the open-source architecture designed to challenge transformer dominance — Featherless is positioning itself as the neutral infrastructure layer that makes running open-weight models as easy as calling a proprietary API. With GitHub Copilot moving to usage-based billing and the big cloud providers tightening their AI pricing, the demand for independent inference infrastructure is only going to grow.
Update: NHS exemption deadline arrives today as The Register reports hundreds of repos face closure
Today is the deadline for NHS England teams to request exemptions before all public GitHub repositories must be made private by May 11. The Register’s coverage on May 5 confirmed the scale: hundreds of repositories across NHS England, NHS Digital, and NHS.UK organizations are affected. An NHS England spokesperson described the action as “temporarily restricting access to some NHS England source code to further strengthen cybersecurity while we assess the impact of rapid developments in AI models.” The community response has only intensified since our last briefing: former NHS open-source leaders continue to point out that the code has been publicly available for years and was almost certainly already ingested by AI training pipelines long ago. The fundamental tension remains unresolved — and with exemption requests due today, we’ll soon see how many teams managed to make the case for keeping their work in the open.
The Global Open-Source Innovation Meetup (GOSIM) concluded its Paris 2026 edition today at Station F, running May 4-6 with six tracks spanning agentic AI, open-source robotics, edge AI, and what organizers call “AgenticOS” — the emerging layer between agentic applications and operating systems. Speakers from NVIDIA, Hugging Face, Uber, Huawei, and Zhipu AI presented across keynotes, workshops, and a robotics hackathon. The conference also featured the GOSIM Spotlight project showcase and the debut of PanEval, an open-source evaluation framework. While North America has Open Source Summit and KubeCon, GOSIM is carving out a distinct niche as Europe’s premier venue for open-source AI infrastructure — a space where the EU’s emphasis on digital sovereignty and open standards meets the practical work of building agentic systems.
GitHub kicks off fifth annual Maintainer Month — with a new Open Source for Science Fund
May marks GitHub’s fifth annual Maintainer Month, celebrating the people who keep open source running. This year’s edition includes over 25 events and livestreams, new badges, and special discounts. But the bigger news is the launch of the Open Source for Science Fund, a multi-donor initiative by Renaissance Philanthropy pooling capital from Biohub, Wellcome, and the Kavli Foundation to sustain scientific open-source software in the AI era. Building on the Essential Open Source Software for Science program — which deployed $58 million across 230+ projects over six cycles — the Fund’s inaugural call focuses on life sciences, with grants up to $1 million for foundational libraries and ecosystem initiatives. Applications open May 11. As AI reshapes scientific research, the tools researchers depend on — the NumPys, the BioPythons, the imaging libraries — need sustained investment, not just occasional grants. This fund is designed to provide exactly that.