InfoWorld

A veritable garden of linters and type checkers has blossomed in the Python ecosystem. Pyright and Mypy are two of the most popular, while Astral’s ty and Meta’s Pyrefly are two promising Rust-based newcomers. We compared early-stage ty and Pyrefly last June . One year later, Meta has released Pyrefly 1.0 . Pyrefly is intended to stand out from the pack by way of a few key features. It’s written …

Cloud computing has reached a crossroads. The high cost and data sensitivity of AI workloads are raising the appeal of private clouds, even as neoclouds and sovereign clouds shake up the cloud provider landscape. New cyberthreats, shifting compute requirements, and management complexity are adding to cloud complications. Download the June 2026 issue of the Enterprise Spotlight from the editors of…

When I was a kid, we all marveled at the notion of the Star Trek computer that you’d just talk to and that would answer all your questions. It seemed impossibly fantastic and categorically impossible. Well, we have that now. In one episode, Captain Kirk used a universal translator to communicate with an alien (never mind that the aliens always seemed to speak English..). Today, everyone’s phone c…

As enterprises move from AI experimentation to production deployments, one challenge is becoming increasingly apparent: AI systems are only as reliable as the business context they operate in. Snowflake is attempting to address that problem with Horizon Context, a new set of semantic and metadata-management capabilities, currently in preview, that it unveiled Tuesday at its annual Snowflake Summi…

Workday is aiming to help customers to develop and deploy agentic systems without compromising corporate security or compliance, unveiling a series of AI tools at its DevCon event this week. Chief among them is Agent Passport, which validates an agent’s safety and compliance both before it is deployed, and continuously during its operation. When an agent attempts a task, Agent Passport can allow,…

Most enterprises already have access to AI models, so that is no longer the differentiator. The real challenge begins after the demo ends. Organizations are now trying to determine how AI agents interact with ERP systems, supply chains, approvals, security policies, customer records, and operational environments that were never designed for autonomous systems. The reality is that ERP remains the …

Developers who pulled packages from Red Hat’s @redhat-cloud-services npm namespace over the weekend got a secret-stealing worm instead. Security researchers from several cybersecurity outlets are warning of a new supply chain attack compromising over 30 Red Hat Cloud Services-related npm packages to steal credentials, authentication tokens, and other secrets from developer environments. The campa…

A malicious npm package posing as a remote user interface for OpenAI Codex exfiltrated developer authentication tokens, after attackers allegedly published code to npm that was not visible in the project’s public GitHub repository. Researchers at Aikido said the package, called codexui-android, appeared to offer legitimate functionality while collecting authentication tokens and sending them to a…

The first mobile application user interfaces were often scaled-down versions of what was already available on the web. Then, user experience (UX) designers recognized that the different smartphone form factor created new business opportunities and greater utility compared to what people were doing on their desktops. UX designers created mobile-first experiences tailored to the job to be done and …

AI is clearly accelerating demand for cloud computing , but not in the way many expected. Is the biggest story right now about software innovation? No. It’s about the extraordinary amount of capital flowing into the physical infrastructure needed to support AI at scale. Chips, networking gear, power systems, and massive data centers are becoming the strategic center of gravity for the cloud marke…

Enterprises using the lightweight, open-source Flowise platform to power self-hosted AI workloads now have a new near-max-severity issue to worry about. Researchers at Obsidian Security have detailed a one-click remote code execution (RCE) vulnerability affecting self-hosted Flowise deployments through its implementation of Model Context Protocol ( MCP ) stdio servers. The problem is essentially …

If the supreme goal for software development teams is to get high-quality products to market as quickly, efficiently, and securely as possible, then deploying AI-powered tools for devops might be the way to achieve that objective. AI-powered tools can help to speed up software delivery, enhance system reliability, and reduce operational costs by automating complex and repetitive tasks. They enabl…

Enterprise GenAI (generative AI) deployments succeed when teams run them with the same discipline they apply to other user-facing services. The model sits in the middle of a pipeline that handles identity, policy, retrieval, inference, and logging. Each stage affects quality, latency, cost, and risk. A pilot can hide these dependencies. Production traffic exposes them. Familiar sequences are seen…

Mitchell Hashimoto wants you to stop updating your dependencies , which, from a historical context, is certifiably insane. In fact, in the wake of Mythos and the potential to make zero-day exploits common , it still may sound insane. Yet after the spring npm just had, Hashimoto’s counsel may actually sound less like heresy and more like control. His rule? Fork your dependencies, trim them to what…

The first beta release of Python 3.15 has arrived. That means it’s time to discover all the best new features in Python, and especially its low-to-no impact profiling tools. Plus, with the recent debut of Mojo 1.0, you can see for yourself how the one-time Python challenger has set out on a path of its very own. Top picks for Python readers on InfoWorld First look: Mojo 1.0 mixes Python and Rust …