CSOonline

Malicious open-source software packages have exploded in 2024

The open-source development ecosystem has experienced a significant rise in malicious software components, putting enterprises on high alert for software supply chain attacks. Malware is infiltrating ...
Defense One

A new way to sound the alarm about open-source hacks

The Open Source Security Foundation unveiled a mailing list on Monday to help contributors and end users alert each other about open-source project vulnerabilities being exploited by hackers.
Hosted on MSN

The open source blind spot in our supply chains

A recent report highlighted that nearly a third of business leaders have seen an increase in cyber attacks targeting their supply chains. The focus, understandably, has been on supplier concentration, ...

Digital sovereignty at the UN: Inside the global push to replace US cloud giants with open-source tech

Digital sovereignty emerged as the defining theme of this year's UN Open Source Week, with many arguing that open source is ...

Why automated open source scans don't guarantee license compliance

Hannah Dacayanan of UnitedLex discusses ways in which automated software composition analysis tools identify open source ...
SiliconANGLE

Chainguard nabs $140M to secure enterprise applications’ open-source components

Less than a year after closing its last funding round, Chainguard Inc. today disclosed that it has raised another $140 million to support its sales growth. Redpoint Ventures, Lightspeed Venture ...
Dark Reading

Skuld Stealer Shows Open Source's Dark Side

There are two fundamental facts about open source. One, it's everywhere. Virtually every application includes open source components. Two, it can have serious vulnerabilities that cyberattacks can ...
qz

Open-source cybersecurity could derail the internet as we know it

In March, a software bug threatened to derail large swaths of the web. XZ utils, an open-source compression tool embedded in myriad software products and operating systems, was found to have been ...
dbta

OpenText Unveils New Solution for Adopting Enterprise-Compliant Open Source Components

OpenText, The Information Company, is debuting OpenText Debricked Open Source Select, a solution aimed toward helping developers select the right open source components that align with company intake ...
Hackaday

Open Source Hardware, How Open Do You Want It To Be?

In our wider community we are all familiar with the idea of open source software. Many of us run it as our everyday tools, a lot of us release our work under an open source licence, and we have a ...
InfoWorld

Beware open source violations lurking in your code

IT organizations that feel safe from open source licensing violations might be wise to check their code, as open source components are rapidly seeping into applications by way of offshore and in-house ...