Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how ...

Open-source software reinforces modern applications, but attackers exploit trust gaps in how code is built and delivered.

A recent study found that more than a third of 1,261 open source libraries had a known vulnerability and about a quarter of the downloads were tainted A study of how 31 popular open source code ...

Open source security incidents aren't going away. The reliance on open source software (OSS) increases year-over-year, with more than 95% of all software, including open source, in some capacity. From ...

What’s Next for Open Source Software Security in 2025? Your email has been sent Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe ...

SonarSource SA, which does business as Sonar, said today that it has signed a definitive agreement to acquire Tidelift Inc., a provider of services to manage open-source components. Terms weren’t ...

Cloud security startup Echo has closed a $35 million Series A funding round to boost development of its AI-native OS. The ...

In February, The Linux Foundation’s Open Source Security Foundation (OpenSSF) initiated the Open Source Project Security Baseline (OSPS Baseline) to establish minimum security requirements for ...

Open-source software has become a prime target in the escalating wave of cybersecurity threats. As attacks grow more sophisticated, the open-source community is racing to close critical security gaps ...

Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...

Significant security risks continue to be prevalent in open source software practices, a new report by the Linux Foundation, OpenSSF and Harvard University has found. The CENSUS III project was based ...

Open-source EDA tools are free, readily available, and growing in numbers, but many chipmakers are wary of using them due to security concerns. On the plus side, proponents say these tools can help ...