The open-source development ecosystem has experienced a significant rise in malicious software components, putting enterprises on high alert for software supply chain attacks. Malware is infiltrating ...

Every time a developer types npm install, they are placing a bet that the package they are pulling into their project is not ...

Two years ago, the joint government-private sector response to the Log4j vulnerability that spawned 800,000 attacks worldwide led to the Enduring Security Framework for federal agencies adopting open ...

As AI coding assistants proliferate, ActiveState delivers the only tool-agnostic, built-from-source open source security ...

Cloudsmith Inc., a startup that helps software teams manage application components, has secured $72 million in new funding.

In 2020, the SolarWinds incident served as a wake-up call for the tech industry, highlighting the urgent need for organizations to refine their response strategies to critical CVEs (common ...

It’s easier to find and fix bugs in open-source software, but that's no help if organizations use old, unpatched versions. Nearly three-quarters of all commercial codebases contain open-source ...

In our wider community we are all familiar with the idea of open source software. Many of us run it as our everyday tools, a lot of us release our work under an open source licence, and we have a ...

The struggle between open source and proprietary software is well understood. But the tensions permeating software circles for decades have shuffled into the artificial intelligence space, in part ...

Open-source software tools continue to increase in popularity because of the multiple advantages they provide including lower upfront software and hardware costs, lower total-cost-of-ownership, lack ...

Open-source software powers the majority of today’s businesses. An estimated 70% to 90% of modern software solutions use a code base made up of open-source components, according to 2022 data from the ...