Supply chain attacks are increasing in volume, but open source vulnerabilities continue relatively unnoticed.

The open-source development ecosystem has experienced a significant rise in malicious software components, putting enterprises on high alert for software supply chain attacks. Malware is infiltrating ...

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...

Open-source software sits at the core of nearly every business model. According to estimates from The Linux Foundation and Intel, 80-90% of modern application code is built using a mix of open-source ...

ActiveState has grown its secure catalog to 79M, doubling coverage from 2025 and expanding to more than 12 languages. Open source software powers 96% of modern software applications, with most ...

Hopper today announced the launch of SUPPLYSHIELD™, a new software supply layer that enables organizations to consume open source through a secured and continuously maintained registry, delivering ...

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...

The Open Source Security Foundation unveiled a mailing list on Monday to help contributors and end users alert each other about open-source project vulnerabilities being exploited by hackers.

Less than a year after closing its last funding round, Chainguard Inc. today disclosed that it has raised another $140 million to support its sales growth. Redpoint Ventures, Lightspeed Venture ...

There are two fundamental facts about open source. One, it's everywhere. Virtually every application includes open source components. Two, it can have serious vulnerabilities that cyberattacks can ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

IT organizations that feel safe from open source licensing violations might be wise to check their code, as open source components are rapidly seeping into applications by way of offshore and in-house ...