Dark Reading

Malicious Open Source Packages Spike 188% YoY

Due to automation and a high-reward, low-risk threat environment, open source malware increased 188% year over year in the second quarter of this year. Supply-chain security vendor Sonatype today ...
Infosecurity-magazine.com

Over 200 Malicious Open Source Packages Traced to Lazarus Campaign

North Korean threat actors have distributed over 200 malicious open source packages, in an audacious new cyber-espionage campaign, according to Sonatype. The security vendor blocked 234 unique npm and ...
Ars Technica

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious ...
Dark Reading

DARPA: Closing the Open Source Security Gap With AI

Open source components continue to cause huge problems for security practitioners, and AIxCC was created to determine whether automation could help close the gap. At DEF CON 33, DARPA announced the ...

5 open-source privacy apps for Android that actually deserve your attention

Android privacy risks from daily hacks demand vigilance. Install these 5 open-source apps to stay protected from trackers, ...