A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

SUPPLYSHIELD combines large-scale AI systems with human validation to maintain secure versions of libraries across the full dependency tree. When new vulnerabilities are disclosed, the platform ...

Malware in open source software is no longer a fringe threat--it's accelerating at an unprecedented rate. In 2025 alone, more than ...

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...

PCWorld explores how AI’s rise makes open-source software essential for security, as closed-source code can hide malicious ...

A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before ...

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.

Minimus, the leader in hardened container images and secure container software, today announced the Minimus Open Source ...

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

Over the last decade, enterprises have transformed the way they build software. What used to be mostly proprietary code is now dominated by open-source components. In many cases, more than 80% of an ...

The Office of the National Cyber Director wants software providers to "contribute back to the security of the open source software they depend upon." The federal government wants public input on how ...

Two software researchers recently demonstrated how modern AI tools can reproduce entire open-source projects, creating ...