News
The open-source development ... according to a new report from software supply chain management firm Sonatype. The company has tracked over 500,000 new malicious packages since November 2023 ...
DevSecOps system validates incoming software packages against JFrog’s security research library to establish a repository of trustworthy components for software developers to use. JFrog has ...
By relying on Google’s extensive library of Assured OSS packages, organizations will benefit from a more secure open-source software supply chain, Google said. They’ll be able to understand ...
A new report out today from Fortinet Inc.’s FortiGuard Labs highlights a growing wave of malicious software ... of malicious packages distributed across open-source repositories, using ...
According to data from software supply chain management company Sonatype, the number of malicious packages detected across the various open-source ecosystems tripled year over year. “Looking at ...
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild ... NuGet is an open-source package manager and software distribution system, enabling developers ...
Xeol’s platform tracks end-of-life data for more than 100,000 open source software packages. The company uses this data to identify potential cybersecurity risks within companies’ software ...
open-source software remained a key element of supply chain risk in 2024. For example, incidents of exposed development secrets via publicly accessible, open-source packages rose 12% compared to 2023.
A series of high-profile compromises targeting popular open source packages have been uncovered, exposing the growing risk of malicious code infiltration in widely used software tools. Threat actors ...
real-time threat intelligence data about software packages in open source repositories.” Community Contribution Today’s launch of Spectra Assure Community underscores RL’s enduring ...
A trio of former GitHub executives and engineers have founded a new startup that brings the benefits of one of the most popular open source package managers to the enterprise. Designed primarily ...