InfoWorld

As enterprises move from AI experimentation to production deployments, one challenge is becoming increasingly apparent: AI systems are only as reliable as the business context they operate in. Snowflake is attempting to address that problem with Horizon Context, a new set of semantic and metadata-management capabilities, currently in preview, that it unveiled Tuesday at its annual Snowflake Summi…

Workday is aiming to help customers to develop and deploy agentic systems without compromising corporate security or compliance, unveiling a series of AI tools at its DevCon event this week. Chief among them is Agent Passport, which validates an agent’s safety and compliance both before it is deployed, and continuously during its operation. When an agent attempts a task, Agent Passport can allow,…

Most enterprises already have access to AI models, so that is no longer the differentiator. The real challenge begins after the demo ends. Organizations are now trying to determine how AI agents interact with ERP systems, supply chains, approvals, security policies, customer records, and operational environments that were never designed for autonomous systems. The reality is that ERP remains the …

Developers who pulled packages from Red Hat’s @redhat-cloud-services npm namespace over the weekend got a secret-stealing worm instead. Security researchers from several cybersecurity outlets are warning of a new supply chain attack compromising over 30 Red Hat Cloud Services-related npm packages to steal credentials, authentication tokens, and other secrets from developer environments. The campa…

A malicious npm package posing as a remote user interface for OpenAI Codex exfiltrated developer authentication tokens, after attackers allegedly published code to npm that was not visible in the project’s public GitHub repository. Researchers at Aikido said the package, called codexui-android, appeared to offer legitimate functionality while collecting authentication tokens and sending them to a…

The first mobile application user interfaces were often scaled-down versions of what was already available on the web. Then, user experience (UX) designers recognized that the different smartphone form factor created new business opportunities and greater utility compared to what people were doing on their desktops. UX designers created mobile-first experiences tailored to the job to be done and …

AI is clearly accelerating demand for cloud computing , but not in the way many expected. Is the biggest story right now about software innovation? No. It’s about the extraordinary amount of capital flowing into the physical infrastructure needed to support AI at scale. Chips, networking gear, power systems, and massive data centers are becoming the strategic center of gravity for the cloud marke…

Enterprises using the lightweight, open-source Flowise platform to power self-hosted AI workloads now have a new near-max-severity issue to worry about. Researchers at Obsidian Security have detailed a one-click remote code execution (RCE) vulnerability affecting self-hosted Flowise deployments through its implementation of Model Context Protocol ( MCP ) stdio servers. The problem is essentially …

If the supreme goal for software development teams is to get high-quality products to market as quickly, efficiently, and securely as possible, then deploying AI-powered tools for devops might be the way to achieve that objective. AI-powered tools can help to speed up software delivery, enhance system reliability, and reduce operational costs by automating complex and repetitive tasks. They enabl…

Enterprise GenAI (generative AI) deployments succeed when teams run them with the same discipline they apply to other user-facing services. The model sits in the middle of a pipeline that handles identity, policy, retrieval, inference, and logging. Each stage affects quality, latency, cost, and risk. A pilot can hide these dependencies. Production traffic exposes them. Familiar sequences are seen…

Mitchell Hashimoto wants you to stop updating your dependencies , which, from a historical context, is certifiably insane. In fact, in the wake of Mythos and the potential to make zero-day exploits common , it still may sound insane. Yet after the spring npm just had, Hashimoto’s counsel may actually sound less like heresy and more like control. His rule? Fork your dependencies, trim them to what…

The first beta release of Python 3.15 has arrived. That means it’s time to discover all the best new features in Python, and especially its low-to-no impact profiling tools. Plus, with the recent debut of Mojo 1.0, you can see for yourself how the one-time Python challenger has set out on a path of its very own. Top picks for Python readers on InfoWorld First look: Mojo 1.0 mixes Python and Rust …

Enterprises everywhere have been urging employees to adopt AI, with internal leaderboards springing up to show who has used the most AI tokens. Such games can backfire, though, as Amazon recently discovered. Kirorank, an unofficial leaderboard tracking usage of Amazon’s Kiro AI tool, ranked workers according to their AI activity, but senior managers at Amazon found that employees were creating AI…

As AI agents become more numerous and more communicative, keeping track of where to find them is becoming increasingly important. Numerous proprietary agent registries are on the market, but the Linux Foundation suggests we simply extend the distributed, open Domain Name System (DNS) infrastructure we already have. The foundation is now inviting contributions to the DNS-AID project, a standard wa…

Researchers in Switzerland claim to have built a perfect random number generator from two quantum superconducting chips, a 30-meter-long pipe, and some software. The resulting device could be used to generate cryptographic keys, or to offer a “public randomness service” for lotteries or blockchain applications, they say. They’re not the first to make the claim . Many sources of randomness are bia…