Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe insecure use of open-source software in 2025. Open-source software is common ...

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has impacted hundreds of organizations.

There's a false sense of security around open source code, according to Trustwave researchers Brandon Myers and Assi Barak. Their deeper point was that open source code is prone to vulnerabilities ...

A reflection of the Department of Homeland Security logo in the eyeglasses of a cybersecurity analyst (Mark J. Terrill/AP/File) There’s no question that open-source software is central to the ...

Open source security incidents aren't going away. The reliance on open source software (OSS) increases year-over-year, with more than 95% of all software, including open source, in some capacity. From ...

Starts with OpenTitan “root-of-trust” components ...

The DHS and CISA booth at the 2019 RSA conference in San Francisco. (Scoop News Group photo) The Cybersecurity and Infrastructure Security Agency (CISA) and other federal agencies released guidance ...

Two years ago, the joint government-private sector response to the Log4j vulnerability that spawned 800,000 attacks worldwide led to the Enduring Security Framework for federal agencies adopting open ...

Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...

WASHINGTON, D.C. - APRIL 22, 2018: An American flag flies over the south facade of the White House in Washington, D.C. (Photo by Robert Alexander/Getty Images) The White House’s National Cyber ...