Open source security incidents aren't going away. The reliance on open source software (OSS) increases year-over-year, with more than 95% of all software including open source in some capacity. From ...
A critical-severity vulnerability impacting the popular React open-source library deserves attention, but is far from the ...
Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...
Open-source software has become a prime target in the escalating wave of cybersecurity threats. As attacks grow more sophisticated, the open-source community is racing to close critical security gaps ...
As we move into 2025, open source software (OSS) remains central to digital innovation across industries. However, its widespread adoption brings heightened security challenges and evolving regulatory ...
What’s Next for Open Source Software Security in 2025? Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute to the ...
GitHub, Google, IBM, Red Hat, Microsoft, and VMware are just a few founding members of the Linux Foundation’s latest initiative that aims to smash open source software security bugs. OpenSSF’s ...
DevSecOps, short for Development, Security, and Operations, is a methodology that integrates security practices into software Development Operations (DevOps). It emphasizes that security should be a ...
In February, The Linux Foundation’s Open Source Security Foundation (OpenSSF) initiated the Open Source Project Security Baseline (OSPS Baseline) to establish minimum security requirements for ...
Significant security risks continue to be prevalent in open source software practices, a new report by the Linux Foundation, OpenSSF and Harvard University has found. The CENSUS III project was based ...
Open-source large language models (LLMs) ...
Unresolved security debt is leaving organizations at greater risk of security breaches as fix times grow longer and the software ecosystem increasingly complexifies. Organizations are taking longer to ...