It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with ...

Open source software (OSS) is the backbone of modern software development, empowering industries from finance and healthcare to government and technology to innovate faster and reduce costs. However, ...

By combining Lineaje AI's innovative agentic AI, Gold Open Source and enhanced scanning with SCA360, organizations can eliminate software supply chain vulnerabilities and reduce complexity and ...

Open Source Risk in the AI EraAI is accelerating innovation—but it’s also amplifying risk across the software supply chain.As reported by Security Boulevard, Sonatype is tackling this challenge ...

Open source security startup Seal Security on July 29 announced raising $13 million in a Series A funding round.

CodeSecCon is the premier virtual event that brings together developers and cybersecurity pros to revolutionize the way ...

Dimensional Research surveyed more than 300 global executives, technology, and security professionals at all seniority levels directly responsible for software at enterprise companies. The ...

Malicious PyPI packages, repo hijacks, and CVEs in Python containers put devs at risk. Learn how to stay secure.

Why Businesses Struggle With Their Open-Source Supply Chain OSS can be amazing, but software is only as good as its supply chain security. Getting this right can be a complex puzzle, and it’s ...

Many companies lack visibility into complex digital supply chains, meaning hidden risks and regulatory exposure. Cyber security requires continuous mapping and board engagement.

A record-breaking year for open source consumption as downloads hit 6.6 trillion, amplifying software supply chain riskFulton, Md., Oct. 10, 2024 (GLOBE NEWSWIRE) -- Sonatype®, the end-to-end ...

In a newly discovered supply chain attack, attackers last week targeted a range of npm-hosted JavaScript type testing ...