Security News

Downloads of known vulnerable open source components increase 120%
2018-09-27 05:00

Sonatype today released its fourth annual State of the Software Supply Chain Report, which reveals the widespread use of vulnerable software components by businesses around the world. While open...

2018 Has Been Open Season on Open Source Supply Chains
2018-09-26 20:48

Hackers see green field opportunities in vulnerable software supply chains.

Open-source software supply chain vulns have doubled in 12 months
2018-09-25 15:59

Hackers 'mainlining' vulns into projects – report Use of vulnerable open source components has doubled over the last year despite their role in the high profile Equifax mega-breach.…

French cybersecurity agency open sources security hardened CLIP OS
2018-09-24 09:56

After developing it internally for over 10 years, the National Cybersecurity Agency of France (ANSSI) has decided to open source CLIP OS, a Linux-based operating system developed “to meet the...

Managing Open Source Risks
2018-09-19 15:48

Chris Eng of CA Veracode on Best PracticesOpen source and third-party components help developers build and deploy applications faster. But with increased speed comes greater risks, says Chris Eng...

Scan reveals known open source vulnerabilities in popular Android apps
2018-09-12 12:09

Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center for Citizen Research...

Google Introduces Open Source Cross-Platform Crypto Library
2018-09-04 15:16

Google last week took the wraps off Tink, an open source, multi-language, cross-platform cryptographic library designed to help simplify common encryption operations. Under development for the...

Boffins trying to build a open source secure enclave on RISC-V
2018-08-31 23:57

Open source trusted execution component expected this fall At some point this fall, a team of researchers from MIT's CSAIL and UC Berkeley's EECS aim to deliver an initial version of an open...

Cross-Platform Mirai Variant Leverages Open-Source Project
2018-08-23 17:35

A newly discovered Mirai variant has been created using an open-source project that makes the process of cross compilation very easy, Symantec reports. read more

Mirai botnet strikes again: This time it's going after a specific open source project
2018-08-23 16:01

Mirai-powered botnet targets the Internet of Things (IoT) via an open source project named Aboriginal Linux.