News

CSOonline8mon
Malicious open-source software packages have exploded in 2024
The open-source development ... according to a new report from software supply chain management firm Sonatype. The company has tracked over 500,000 new malicious packages since November 2023 ...
InfoWorld1y
JFrog Curation blocks malicious open source software packages
DevSecOps system validates incoming software packages against JFrog’s security research library to establish a repository of trustworthy components for software developers to use. JFrog has ...
TechRepublic2y
Google Cloud offers Assured Open Source Software for free
“Software supply chain attacks targeting open source continue to increase. Secure ingest of open source packages is a widespread challenge for organizations and developers wherever they choose ...
SiliconANGLE2y
Google Cloud beefs up open-source software security with Assured OSS packages
By relying on Google’s extensive library of Assured OSS packages, organizations will benefit from a more secure open-source software supply chain, Google said. They’ll be able to understand ...
Business Insider11mon
ReversingLabs Launches Spectra Assure Community – The Largest, Free Resource of Comprehensive Risk Assessments on Open Source Software
real-time threat intelligence data about software packages in open source repositories.” Community Contribution Today’s launch of Spectra Assure Community underscores RL’s enduring ...