Infosecurity-magazine.com

OpenSSF Publishes Security Framework for Open Source Software

The Open Source Security Foundation (OpenSSF) has claimed a “significant milestone” after releasing a new set of best practices designed to improve the security posture of open source projects. The ...
LinuxInsider

Open Source Security at Risk From Poor Oversight

Open-source software has become a prime target in the escalating wave of cybersecurity threats. As attacks grow more sophisticated, the open-source community is racing to close critical security gaps ...
TechRepublic

What’s Next for Open Source Software Security in 2025?

What’s Next for Open Source Software Security in 2025? Your email has been sent Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe ...
ZDNet

How fake security reports are swamping open-source projects, thanks to AI

You'd think artificial intelligence (AI) is a boon for developers. After all, a recent Google survey found that 75% of programmers rely on AI. On the other hand, almost 40% report having "little or no ...
Computer Weekly

The hidden security risks of open source AI

Open source AI is gaining momentum across major players. DeepSeek recently announced plans to share parts of its model architecture and code with the community. Alibaba followed suit with the release ...
dbta

Sonar’s Tidelift Acquisition Bolsters Code Quality and Security for Open Source

Sonar, the code quality and security leader, sets its sights on Tidelift, a provider of software supply chain security solutions for mitigating open source software risk, having entered a definitive ...
Diginomica

Building bridges, not burning maintainers - how the CRA is reshaping open source relations

When Europe's new Cyber Resilience Act (CRA) comes into force, manufacturers will face a challenging but necessary deadline – 24 hours to issue an initial security statement, 72 hours to produce a ...