News

CSOonline7mon
Malicious open-source software packages have exploded in 2024
The open-source development ... according to a new report from software supply chain management firm Sonatype. The company has tracked over 500,000 new malicious packages since November 2023 ...
InfoWorld1y
JFrog Curation blocks malicious open source software packages
DevSecOps system validates incoming software packages against JFrog’s security research library to establish a repository of trustworthy components for software developers to use. JFrog has ...
SiliconANGLE2y
Google Cloud beefs up open-source software security with Assured OSS packages
By relying on Google’s extensive library of Assured OSS packages, organizations will benefit from a more secure open-source software supply chain, Google said. They’ll be able to understand ...
Business Insider11mon
ReversingLabs Launches Spectra Assure Community – The Largest, Free Resource of Comprehensive Risk Assessments on Open Source Software
real-time threat intelligence data about software packages in open source repositories.” Community Contribution Today’s launch of Spectra Assure Community underscores RL’s enduring ...