Developers who pulled packages from Red Hat’s @redhat-cloud-services npm namespace over the weekend got a secret-stealing worm instead.
Security researchers from several cybersecurity outlets are warning of a new supply chain attack compromising over 30 Red Hat Cloud Services-related npm packages to steal credentials, authentication tokens, and other secrets from developer environments.
The campaign, which Wiz researchers are tracking as Miasma, is thought to be the latest evolution of Shai-Hulud, a self-propagating malware family that has repeatedly surfaced in software supply chain attacks targeting the npm ecosystem.
“Investigation revealed that at least 32 package releases contained unauthorized modifications that do not match the corresponding source repositories,” Wiz researchers said in a blog post. “These packages cumulatively average ~80,000 weekly downloads.”
By compromising packages associated with Red Hat Cloud Services, the attackers are targeting a software ecosystem that
A Security has emerged from stealth with $37 million in funding led by Lightspeed Venture Partners and Cyberstarts, with angel backing from Wiz chief executive Assaf Rappaport and Cyera chief executive Yotam Segev, to build an autonomous offensive security platform that identifies and remediates exploit paths before attackers can use them. Chief executive and co-founder […]
LF AI & Data Foundation, a division of the Linux Foundation, launched a working group on Tuesday that will focus on the development of DocLang, a specification intended to support interoperable document processing across AI and agentic workflows.
The working group, founded by premier members IBM, Nvidia and Red Hat, is tasked with the creation of an open, universal, AI-native document format designed to improve how enterprises prepare, exchange, and govern document data for AI systems. Contributors ABBYY and Human Signal will also be involved in its development.
The announcement stated, “enterprises today work across a fragmented landscape of document formats, including PDFs, JPEGs, and other file types built primarily for human consumption rather than AI interpretation.”
As organizations increasingly rely on generative AI and agentic systems, it said, “this disconnect can introduce complexity, raise costs, and reduce reliability when extracting meaning from business documents.”
Mark C
New specification, supported by leading LF AI & Data member organizations IBM and Red Hat, as well as other organizations including ABBYY, complements the Docling open source project
SAN FRANCISCO, […]
The post LF AI & Data Foundation Launches DocLang Specification Working Group appeared first on AIwire.
Open source code is everywhere in the enterprise; it’s estimated that upwards of 90% of Fortune 500 companies have it in their software supply chains. But open source code is notoriously rife with vulnerabilities, and identifying and patching those bugs can be an endless battle for security teams.
IBM and Red Hat are betting that a new initiative, Project Lightwell, can help accelerate this process.
Announced today, the project will commit $5 billion and 20,000 IBM and Red Hat engineers to build a new ‘enterprise clearinghouse’ to accelerate discovery and remediation of vulnerabilities in open source software. The companies say the clearinghouse will serve as an AI-powered “security coordination layer,” giving enterprises the ability to integrate patches directly into their existing software supply chains.
Now in the design phase with a group of 11 financial partners, Project Lightwell will eventually be offered as a commercial subscription.
“The advancement in AI tools has broken the
Project Lightwell establishes a trusted enterprise clearinghouse for open source software with a new AI-driven model for securing the software supply chain
ARMONK, N.Y., May 28, 2026 — IBM and […]
The post IBM and Red Hat Commit $5B to AI-Powered Open Source Security Initiative appeared first on AIwire.
Ocean, an agentic email security startup founded by former Israeli defence cybersecurity expert Shay Shwartz, has emerged from stealth with $28 million in funding led by Lightspeed Venture Partners, with participation from Picture Capital and Cerca Partners. Angel investors include Wiz CEO Assaf Rappaport and Armis co-founders Yevgeny Dibrov and Nadir Izrael. Shwartz, who began […]
A self-replicating worm that hijacks GitHub Actions pipelines to publish malicious npm packages has struck again, compromising AntV, echarts-for-react, and Microsoft’s durabletask SDK.
Mini Shai-Hulud Exploits GitHub Actions to Hit 16 Million Weekly Downloads
The Mini Shai-Hulud campaign, attributed to the threat group Team PCP, does not work the way most supply chain attacks do […]