IBM Muscles Into OSS Security Space with $5 Billion “Lightwell” Project
IBM announced a $5 billion investment in Lightwell, a private clearinghouse designed to scan and secure an unprecedented volume of open‑source software (OSS) used by enterprises. The initiative leverages IBM’s cloud and AI capabilities to provide continuous, automated risk assessments across on‑premise and multi‑cloud environments. Lightwell aims to position IBM alongside rivals such as Snyk and GitHub Advanced Security in the fast‑growing OSS supply‑chain security market. The project reflects IBM’s shift toward high‑margin, subscription‑based security services.
Canada’s Bill C-22 Creates a Blueprint for Surveillance
Canada’s Bill C-22 proposes mandatory technical capabilities and one‑year metadata retention for any electronic service provider operating in the country. The bill’s broad definition would pull in everything from large telecoms to small e‑commerce sites, forcing them to store user...
6 Critical Security Gaps Every CISO Must Address
A recent Proofpoint survey shows one‑third of CISOs believe their data isn’t adequately protected and 58% feel unprepared for a cyberattack, while only 67% think they have sufficient budget, staff, and tools. Experts identify six critical gaps: perception of security...
Anthropic to Give EU’s Cybersecurity Agency Access to Mythos
Anthropic PBC will grant the EU’s cybersecurity agency ENISA access to Mythos, its AI system that discovers and exploits software vulnerabilities. ENISA will join Project Glasswing, a pilot allowing vetted organizations to test Mythos before a wider rollout. The collaboration...
Hackers Are Already Laying Groundwork to Disrupt the 2026 Midterms, Research Says
Cybersecurity firm Check Point warns that hackers are already laying groundwork to disrupt the 2026 U.S. midterm elections. The report highlights a shift from targeting voting machines to exploiting campaign accounts, fundraising platforms, and local‑government web infrastructure through phishing, credential...
Password Manager Dashlane Suspends Customer Accounts Amid Brute-Force Attacks
Dashlane temporarily disabled a number of user accounts after detecting a wave of brute‑force login attempts originating from overseas IP addresses. The company investigated the incidents on Sunday, restored the affected accounts by evening, and moved the incident status to...