Hackers planted malicious code in open source software packages with more than 2 billion weekly updates in what is likely to ...

The biggest takeaway? While the presidential administration may shape software supply chain mandates, responsibility ...

In today’s rapidly evolving business landscape, software supply chain attacks are becoming increasingly common—and more ...

The vulnerabilities were discovered in various popular open-source software, such as the audio and video library FFmpeg and the image-editing suite ImageMagick.

While software bills of materials offer some transparency over software components, they don’t solve the imbalance between ...

National Security Agency (NSA) and 19 international partners have released a joint guide on the value that increased software component and supply chain transparency can offer to the global community ...

August 2025 sees surge in open-source cybersecurity tools including CISA's Thorium forensics platform and AI-powered vulnerability scanners gaining adoption.

Open-source software used by space agencies and companies to control satellites contained vulnerabilities that could have ...

Heather Adkins, Google’s vice president of security, announced Monday that its LLM-based vulnerability researcher Big Sleep found and reported 20 flaws in various popular open source software.

Discover how to harness AI in software development while minimizing risks. Learn strategies for secure coding practices, managing AI-generated code risks, and implementing effective security measures.

Chinese, Russian, and North Korean-affiliated hackers are covertly working to insert backdoor hijacks and exploits into major publicly available software used by countless organizations, developers, ...

Google has pledged to make updates to its Project Zero disclosure policy to report more security details quicker in an effort to improve security by enabling developers quicker access to the finer ...