GovInfoSecurity

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...
Business Wire

Lineaje Redefines Software Supply Chain Security with Agentic AI-Driven Risk Elimination, Gold Open Source and SCA360

SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...
VentureBeat

Meet Aardvark, OpenAI’s security agent for code analysis and patching

An aardvark works in an office typing at a desktop PC while happy human workers mill about in the background. Credit: VentureBeat made with ChatGPT Positioned as a scalable defense tool for modern ...
Ars Technica

PyPI halted new users and projects while it fended off supply-chain attack

PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads that executed malicious code on any ...
Dark Reading

Twitter's Source Code Leak on GitHub a Potential Cyber Nightmare

Some of Twitter's proprietary source code had been publicly available on Github for nearly three months, according to information gleaned from a DMCA Takedown request filed on March 24. GitHub is the ...
TechCrunch

DeepSeek to open source parts of online services code

Chinese AI lab DeepSeek plans to open source portions of its online services’ code as part of an “open source week” event next week. DeepSeek will open source five code repositories that have been ...
Ars Technica

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious ...