惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

T
Threat Research - Cisco Blogs
博客园 - 聂微东
小众软件
小众软件
P
Proofpoint News Feed
Security Archives - TechRepublic
Security Archives - TechRepublic
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
TaoSecurity Blog
TaoSecurity Blog
博客园 - 司徒正美
罗磊的独立博客
N
News and Events Feed by Topic
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
S
Security Affairs
S
Security @ Cisco Blogs
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
The GitHub Blog
The GitHub Blog
月光博客
月光博客
S
Secure Thoughts
P
Proofpoint News Feed
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Forbes - Security
Forbes - Security
H
Heimdal Security Blog
W
WeLiveSecurity
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
L
LangChain Blog
T
The Blog of Author Tim Ferriss
NISL@THU
NISL@THU
Google DeepMind News
Google DeepMind News
Cloudbric
Cloudbric
H
Hacker News: Front Page
The Last Watchdog
The Last Watchdog
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
Cisco Blogs
博客园 - 三生石上(FineUI控件)
博客园_首页
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
S
Schneier on Security
Project Zero
Project Zero
SecWiki News
SecWiki News
爱范儿
爱范儿
The Register - Security
The Register - Security
AI
AI
H
Hackread – Cybersecurity News, Data Breaches, AI and More
Y
Y Combinator Blog
L
Lohrmann on Cybersecurity
Application and Cybersecurity Blog
Application and Cybersecurity Blog
P
Privacy International News Feed
J
Java Code Geeks
S
Securelist
C
Cyber Attacks, Cyber Crime and Cyber Security
V
Visual Studio Blog

LWN.net

Security updates for Friday [LWN.net] [$] A look at MinIO alternatives: Ceph and Garage Podman 6.0 released [$] Hardening the kernel with allocation tokens and bootpatch-SLR Security updates for Thursday [LWN.net] [$] LWN.net Weekly Edition for June 25, 2026 [$] Fedora: 2FA, or not 2FA, that is the question [$] A helper library for BPF arenas [$] Reports from OSPM 2026, day two Security updates for Wednesday [LWN.net] [$] KASAN for JIT-compiled BPF code Sunsetting Tor 0.4.8 Security updates for Tuesday [LWN.net] GIMP 0.54.1 in a Flatpak [$] Free-threaded Python: past, present, and future First preview release of Xfce [$] Reports from OSPM 2026, day one Security updates for Monday [LWN.net] Systemd v261 released [$] Suspending and resuming BPF programs [$] AURpocalypse now: a look at the recent AUR attacks Security updates for Friday [LWN.net] Eight new stable kernels for Friday The Software Freedom Conservancy [$] The first half of the 7.2 merge window Mastodon 4.6 released [$] Single-hop block replication with RMR and BRMR Security updates for Thursday [LWN.net] [$] LWN.net Weekly Edition for June 18, 2026 Fedora F44 election results Everything security at PyCon US 2026 [$] Some buffer-heads cleanup work FairScan 2.0 released Security updates for Wednesday [LWN.net] The LWN public topics list [$] The state of Fedora in 2026 Firefox 152.0 released KDE Plasma 6.7 released Security updates for Tuesday [LWN.net] [$] Development statistics for the 7.1 kernel Stenberg: curl summer of bliss Security updates for Monday [LWN.net] The 7.1 kernel has been released [$] An overlayfs update Hundreds of AUR packages compromised Security updates for Friday [LWN.net] Homebrew 6.0.0 released [$] Automatic mTHP creation in 7.2 Security updates for Thursday [LWN.net] [$] LWN.net Weekly Edition for June 11, 2026 Larson: Are insecure code completions a vulnerability? [$] AI agent runs amok in Fedora and elsewhere Buildroot 2026.05 released Security updates for Wednesday [LWN.net] Future of Ubuntu MATE [$] Eliminating long-lived credentials with trusted publishing Asahi Linux warns users not to upgrade to macOS 27 beta [$] BPF loop verification with scalar evolution Security updates for Tuesday [LWN.net] Linux App Summit 2026 (Heise) Three stable kernels for Tuesday Moving beyond fork() + exec() Ruby's Bundler adds a cooldown feature Security updates for Friday [LWN.net] Dave Airlie on Linux Kernel Maintenance (SE Radio) [$] Splicing out vmsplice() One step forward, two steps back on CA age bill (EFF Deeplinks Blog) Security updates for Thursday [LWN.net] [$] LWN.net Weekly Edition for June 4, 2026 [$] Open-source security is not a solo activity [$] BPF in the agentic era Tridgell: rsync and outrage Security updates for Wednesday [LWN.net] [$] Caching for extended attributes [$] Trying to make sense of package-manager metadata Vim Classic 8.3 released Security updates for Tuesday [LWN.net] Ombredanne: An AI agent ported our codebase from Python to Rust [$] Representing the true signatures of kernel functions Seven stable kernels for the first day of June DistroWatch turns 25 [$] Reconsidering x32 — again Multiple redhat-cloud-services npm packages compromised (StepSecurity Blog) Fedora F44 election interviews published Security updates for Monday [LWN.net] Kernel prepatch 7.1-rc6 [$] A trademark dispute over MeshCore [$] A loadable crypto module for FIPS certification Nesbitt: Protestware for coding agents Security updates for Friday [LWN.net] Rust 1.96.0 released Górny: why Gentoo? [$] Policies for merging new filesystems [$] Separating memory descriptors from struct page Security updates for Thursday [LWN.net] LWN.net Weekly Edition for May 28, 2026 Interview session with Jonathan Corbet MOT: a tool to fight openwashing in AI Andrew Morton's 2004 OLS keynote Further progress toward removing the page map count
IBM's 'Project Lightwell'
[Posted May 28, 2026 by corbet] · 2026-05-28 · via LWN.net
IBM has sent out a press release touting a claimed $5 billion investment into an operation called Project Lightwell:
Project Lightwell will establish a trusted enterprise clearinghouse combined with a global force of engineers to identify and fix vulnerabilities at scale. The clearinghouse will serve as a security coordination layer, using advanced AI capabilities to validate and test fixes across an unprecedented volume of open source code. These capabilities will be offered through commercial subscriptions, allowing enterprises to integrate secure patches directly into their existing software supply chains with enterprise-grade validation and lifecycle management.

Toward the bottom, it does also mention sharing vulnerability information with upstream projects.