IBM's "Project Lightwell"

IBM has sent out apress release touting a claimed $5billion investment into anoperation called Project Lightwell:

Project Lightwell will establish a trusted enterprise clearinghousecombined with a global force of engineers to identify and fixvulnerabilities at scale. The clearinghouse will serve as asecurity coordination layer, using advanced AI capabilities tovalidate and test fixes across an unprecedented volume of opensource code. These capabilities will be offered through commercialsubscriptions, allowing enterprises to integrate secure patchesdirectly into their existing software supply chains withenterprise-grade validation and lifecycle management.

Toward the bottom, it does also mention sharing vulnerability informationwith upstream projects.