The White House has unveiled plans for a two-year competition with $18.5 million in prizes for artificial intelligence coders who can come up with ways to identify and fix software vulnerabilities in critical infrastructure code, such as that which runs the Internet. Styled AIxCC, the AI Cyber Challenge is being led by the Defense Advanced Research Projects Agency (DARPA) with support from companies including Anthropic, Google, Microsoft and OpenAI, who have committed to lending expertise and technology. Up to seven small businesses will potentially receive $1 million each to participate. Continue reading White House Launches $20 Million AI Cybersecurity Challenge

Senate Homeland Security Committee leaders Gary Peters (D-Michigan) and Rob Portman (R-Ohio) have introduced a bill requiring a risk framework for open-source code. The proposed legislation would require the Cybersecurity and Infrastructure Security Agency to develop the risk evaluation process for open-source software being used by federal agencies and critical infrastructure. The move follows the discovery in December of a vulnerability in the Apache Software Foundation’s popular Log4j Java logging utility. Peters said the Log4j incident presented a serious threat to banks, hospitals, and utility companies, among other national security operations. Continue reading Senate Group Wants CISA to Protect Open-Source Software