A group of nine application security service providers announced they would "fork" the popular code-scanning project Semgrep, creating a new codebase, after a series of moves by the eponymous startup ...

Software Composition Analysis, or SCA, is a type of software security tool that focuses on analyzing open-source components within a codebase. When developers create software, they often include ...

Open-source software has become a prime target in the escalating wave of cybersecurity threats. As attacks grow more sophisticated, the open-source community is racing to close critical security gaps ...

There's a false sense of security around open source code, according to Trustwave researchers Brandon Myers and Assi Barak. Their deeper point was that open source code is prone to vulnerabilities ...

What’s Next for Open Source Software Security in 2025? Your email has been sent Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe ...

The open-source development ecosystem has experienced a significant rise in malicious software components, putting enterprises on high alert for software supply chain attacks. Malware is infiltrating ...

Two years ago, the joint government-private sector response to the Log4j vulnerability that spawned 800,000 attacks worldwide led to the Enduring Security Framework for federal agencies adopting open ...

Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...

Cybersecurity professionals are quick to see the risks associated with open source — a developer may unknowingly insert buggy open source code into an enterprise application, which could make the ...

As we move into 2025, open source software (OSS) remains central to digital innovation across industries. However, its widespread adoption brings heightened security challenges and evolving regulatory ...

What are the most pressing issues for organizations using open-source software (OSS) in 2025? Is it cyberattacks? Cost efficiency? Or is it the disruptions of AI and new tech? In this article, I’ll ...

Open source AI is gaining momentum across major players. DeepSeek recently announced plans to share parts of its model architecture and code with the community. Alibaba followed suit with the release ...