Anthropic's AI Finds Bugs. IBM Bets $5B It Can Fix Them.
IBM and Red Hat assign 20,000 engineers to the new Project Lightwell service as Anthropic's Mythos findings ignite debate over how to secure the open source software supply chain.
Red Hat develops enterprise Linux and related software, making its security advisories, patches, and vulnerabilities relevant to systems that rely on them.
Search across headline titles and summaries.
Background for this topic.
Red Hat is the publisher and maintainer of enterprise open-source platforms, chiefly Red Hat Enterprise Linux (RHEL), Red Hat OpenShift for containerized applications, and Red Hat Satellite for system management. RHEL commonly provides SELinux, a mandatory access-control system that restricts processes according to policy, while Red Hat’s signed packages, security errata, and defined support lifecycles help organizations maintain controlled software baselines.
Security teams track Red Hat security advisories and apply the relevant updates across RHEL hosts, virtual machines, and images; delayed patching can leave known flaws exploitable, while version and support status affect remediation options. Satellite can centralize repository and patch governance, but it must itself be secured. OpenShift adds Kubernetes-specific exposure: overly broad role permissions, exposed management interfaces, insecure container images, and misconfigured secrets can expand an application’s attack surface. SELinux and platform defaults reduce risk only when policies, access controls, image sources, and audit data are reviewed and maintained.
IBM and Red Hat assign 20,000 engineers to the new Project Lightwell service as Anthropic's Mythos findings ignite debate over how to secure the open source software supply chain.