There's a false sense of security around open source code, according to Trustwave researchers Brandon Myers and Assi Barak. Their deeper point was that open source code is prone to vulnerabilities ...

The Office of the National Cyber Director wants software providers to "contribute back to the security of the open source software they depend upon." The federal government wants public input on how ...

Anthropic’s Claude Opus 4.6 identified 500+ unknown high-severity flaws in open-source projects, advancing AI-driven vulnerability detection.

A Chinese-linked cyberespionage group has pulled off a classic software supply-chain ambush, compromising a popular ...

The widely used open-source library has been patched to defend against a heap buffer overflow flaw that’s been in the code since its inception.

Open source malware surged 73% in 2025, with npm as a key target with rising risks in software supply chains and developer environments.

Open source components continue to cause huge problems for security practitioners, and AIxCC was created to determine whether automation could help close the gap. At DEF CON 33, DARPA announced the ...

LAS VEGAS — Open source software and security will be fundamental elements of 5G, according to top executives at the 2016 CTIA Super Mobility conference here. During yesterday's opening keynote ...

The latest trends and issues around the use of open source software in the enterprise. Sysdig is on a mission. That mission is one designed to unite millions of cloud security professionals and ...

The ease with which developers can integrate third-party open source code has created a security and sustainability crisis, according to a senior executive at edge cloud platform Fastly. Speaking to ...

If you needed another reminder that our software supply chains are only as strong as their smallest link, the JavaScript ecosystem delivered it. In early September, attackers phished the NPM account ...