InfoWorld

The phrase “sovereign cloud” has become one of the most overused and least scrutinized terms in enterprise technology. It sounds reassuring, especially to governments, regulated industries, and any enterprise concerned about geopolitical instability. The promise is simple enough: keep data local, maintain operational control, and reduce dependence on foreign systems. The problem is that the reali…

Google is expanding the role of its CodeMender security agent from autonomous vulnerability remediation toward a larger agentic development ecosystem, signalling a broader push toward AI-driven AppSec. Months after introducing CodeMender, an AI-powered agent designed to autonomously identify and patch software vulnerabilities, Google is now integrating the technology into its expanding Agent Plat…

Salesforce appears to be on a mission to “decapitate” enterprise software. After unveiling headless commerce and headless applications, the company late on Wednesday extended the label to enterprise data management via Informatica, one of its more recent acquisitions, as part of its broader industry push to prepare enterprise systems for autonomous AI agents. While Salesforce has spent the past y…

Microsoft has open-sourced two new tools aimed at bringing AI safety checks much earlier into the agent development lifecycle. The tools, called Rampart and Clarity, were announced this week as part of Microsoft’s broader push to operationalize safety engineering for agentic AI. “We built these tools because we believe that AI safety has to become a continuous engineering discipline rather than a…

For the past few years, enterprise AI conversations have been dominated by optimism: bigger models, more pilots, faster automation. The prevailing assumption was simple — pick the right AI platform and progress would follow. Reality has been far less forgiving. Most IT leaders have discovered that production AI is significantly harder than early experimentation suggested. The real work begins not…

Forms are often the most state-heavy part of a front-end application. They capture user input, run validation logic, track interaction states, and coordinate how changes propagate through the UI. As forms grow larger, with multi-step workflows, conditional fields, and asynchronous validation, the amount of code required to keep everything synchronized increases quickly. Angular has introduced sev…

Antigravity 2.0, launched at Google IO on Tuesday, is the second iteration of Google’s agent-first development platform, and comes with a new desktop app, Antigravity CLI, expanded SDK capabilities, and deeper integration with the Gemini Enterprise Agent Platform. But along with its announcement came the news that Google is beginning to consolidate its existing tools under the Antigravity umbrell…

A December 2025 paper from Silicon Valley venture capital firm Foundation Capital, titled “ AI’s trillion-dollar opportunity ,” has generated significant excitement in the enterprise AI industry. The reason? It introduces the new concept of a “context graph,” a knowledge graph designed to capture a new AI paradigm known as “decision traces.” The context graph is emerging as a potentially powerful…

Microsoft’s GitHub has suffered what appears to be its biggest ever security breach after confirming that attackers exfiltrated code from around 3,800 of the company’s internal repositories. News of the incident first emerged on May 19, when GitHub said it was investigating “unauthorized access.” Hours later, the company’s X account confirmed the worst: “Yesterday we detected and contained a comp…

Back in 2023, Chris Lattner, creator of LLVM , and his team at Modular unveiled a new language called Mojo . Its syntax resembled Python, but it compiled to machine-native code and offered memory-safety features akin to Rust. It also offered cross-compatibility with existing Python programs, one of many hints that Mojo aimed to capture the math, stats, and machine learning segment of Python devel…

Google has launched Gemini 3.5 Flash, a new AI model designed to support agentic workflows across its products and enterprise platforms, as the company looks to move generative AI beyond chatbot-style interactions and deeper into business operations. The model, announced at the annual Google I/O developer conference, is available through the Gemini app, AI Mode in Google Search, Google Antigravit…

For the past several years, application security has been organized around a relatively stable model: developers write code, pipelines build and test it, and runtime controls attempt to catch what slips through. Each stage had its own tools, its own teams, and its own assumptions about where risk lived. That model is breaking. At RSAC 2026 , the most interesting startups weren’t just adding “AI” …

I trust Claude Code . Back in March, I wrote about why I pity the developers who haven’t yet jumped on the agentic coding bandwagon. I also pity the developers just starting out, who will never quite understand the power that they now have at their fingertips. But most of all, I really pity the developers who refuse to use agentic development tools because they don’t trust AI agents. I understand…

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, this time targeting the widely-used AntV enterprise data visualization tool. Unlike last week’s high-profile npm attack on TanStack , which exploited a complex GitHub Actions cache poisoning weakness, the latest incident early on May 19 took the more conventional route of comp…

Faced with the growing volume of submission to its bug bounty program, GitHub is replacing cash bounties with swag rewards for reports with low security impact — and asking researchers to stop submitting reports that are low quality or about things that aren’t its fault. The cloud-based code repository platform has seen a sharp increase in submissions that don’t demonstrate real security impact o…