There's a false sense of security around open source code, according to Trustwave researchers Brandon Myers and Assi Barak. Their deeper point was that open source code is prone to vulnerabilities ...

Earlier this year, a Microsoft developer realized that someone had inserted a backdoor into the code of open source utility XZ Utils, which is used in virtually all Linux operating systems. The ...

GitHub, Google, IBM, Red Hat, Microsoft, and VMware are just a few founding members of the Linux Foundation’s latest initiative that aims to smash open source software security bugs. OpenSSF’s ...

Supply chain security startup Socket Inc. announced today that it has raised $40 million in new funding to fuel its mission to modernize security for open-source software and expand its team across ...

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how visibility and shift-left security reduce exposure.

In the intricate landscape of software development, the question of whether open source software provides superior security compared to proprietary alternatives has sparked a longstanding debate. The ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...

BastionZero's OpenPubkey, which is a new cryptographic protocol that's designed to fortify the open-source software ecosystem, is now a Linux Foundation open-source project. Docker is also integrating ...

In February, The Linux Foundation’s Open Source Security Foundation (OpenSSF) initiated the Open Source Project Security Baseline (OSPS Baseline) to establish minimum security requirements for ...

A reflection of the Department of Homeland Security logo in the eyeglasses of a cybersecurity analyst (Mark J. Terrill/AP/File) There’s no question that open-source software is central to the ...