Security News

Sonatype today released its fourth annual State of the Software Supply Chain Report, which reveals the widespread use of vulnerable software components by businesses around the world. While open...

Hackers see green field opportunities in vulnerable software supply chains.

Hackers 'mainlining' vulns into projects – report Use of vulnerable open source components has doubled over the last year despite their role in the high profile Equifax mega-breach.…

After developing it internally for over 10 years, the National Cybersecurity Agency of France (ANSSI) has decided to open source CLIP OS, a Linux-based operating system developed “to meet the...

Chris Eng of CA Veracode on Best PracticesOpen source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risks, says Chris Eng...

Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center for Citizen Research...

Google last week took the wraps off Tink, an open source, multi-language, cross-platform cryptographic library designed to help simplify common encryption operations. Under development for the...

Open source trusted execution component expected this fall At some point this fall, a team of researchers from MIT's CSAIL and UC Berkeley's EECS aim to deliver an initial version of an open...

A newly discovered Mirai variant has been created using an open-source project that makes the process of cross compilation very easy, Symantec reports. read more

Mirai-powered botnet targets the Internet of Things (IoT) via an open source project named Aboriginal Linux.