SiliconANGLE

Endor Labs launches with $25M to secure open-source code dependencies

Endor Labs, a software management platform that helps developers deal with software code dependencies, launched out of stealth mode today with $25 million in seed funding to help enterprise developers ...
SiliconANGLE

Microsoft integrates source-code analysis into its cloud security suite

Endor Labs Inc. says Microsoft Corp. has natively integrated its software composition analysis technology into its Microsoft Defender for Cloud cloud-native application protection platform. That means ...
TechRepublic

Open source code for commercial software applications is ubiquitous, but so is the risk

As the SolarWinds and Log4j hacks show, vulnerabilities in open source software used in application development can open doors for attackers with vast consequences. A new study looks at the open ...
Ars Technica

AI-generated code could be a disaster for the software supply chain. Here’s why.

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...
TechCrunch

Protestware on the rise: Why developers are sabotaging their own code

If combating attacks and hijackings of legitimate software on open source registries like npm weren’t challenging enough, app makers are increasingly experiencing the consequences of software ...