Security News

As the bug bounty programs begin to roll out in January, security experts worry that the programs miss the mark on truly securing open source projects.

New year, new security fails, new CVE Happy New Year! Oh, and if you include GNU's wget utility in software you write, pull down the new version released on Boxing Day and push out updates to your users.…

Maria Loughlin of Veracode on Mitigation StrategiesOpen source components help developers build and deploy applications faster, but with increased speed comes greater risk. Maria Loughlin of...

Wipro Digital and Alfresco expanded global partnership to create, build and run open source based digital transformation programs for its clients, across the globe. The partnership will bring...

A recently discovered piece of malware targeting Mac systems is a combination of two open-source programs, Malwarebytes security researchers warn.  read more

Developers around the world depend on open source components to build their software products. According to industry estimates, open source components account for 60-80% of the code base in modern...

Unbound brings to the blockchain community a security solution via open source. The company’s blockchain-crypto-mpc library is available for free on Git Hub. It’s an open source library for...

The module "event-steam" was infected with malware by an anonymous someone who became an admin on the project. Cory Doctorow points out that this is a clever new attack vector: Many open source...

The board of directors of the OpenStack Foundation (OSF) adopted a resolution advancing a new governance framework supporting the organization’s investment in emerging use cases for OpenStack and...

The Linux Foundation and over 30 global technology leaders are forming a new foundation to support the Ceph open source project community. The Ceph project develops a unified distributed storage...