CSOonline

Malicious open-source software packages have exploded in 2024

The open-source development ecosystem has experienced a significant rise in malicious software components, putting enterprises on high alert for software supply chain attacks. Malware is infiltrating ...
Dark Reading

Code-Scanning Tool's License at Heart of Security Breakup

A group of nine application security service providers announced they would "fork" the popular code-scanning project Semgrep, creating a new codebase, after a series of moves by the eponymous startup ...

The Simplest Android App for Scanning Documents

Most scanning apps try to get you to buy a cloud storage subscription or pay for extras. Not FairScan, which is free and open ...
dbta

Aqua Security Unveils Trivy Partner Connect to Boost Open Source Security Scanning

Aqua Security, a pioneer in cloud native security and the primary maintainer of Aqua Trivy, is launching the Trivy Partner Connect Program, expanding the commercial ecosystem around Trivy, an open ...
Business Wire

Lineaje Redefines Software Supply Chain Security with Agentic AI-Driven Risk Elimination, Gold Open Source and SCA360

SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...
Defense One

Malicious states are working to weaponize open-source software: report

Chinese, Russian, and North Korean-affiliated hackers are covertly working to insert backdoor hijacks and exploits into major publicly available software used by countless organizations, developers, ...
Forbes

Why Enterprises Must Apply Zero Trust To Open Source Software

Over the last decade, enterprises have transformed the way they build software. What used to be mostly proprietary code is now dominated by open-source components. In many cases, more than 80% of an ...