Hopper Launches SUPPLYSHIELD™: A Secure Open Source Supply Layer Delivering Zero-CVE, Malware-Free Components Through a Trusted Registry

Hopper today announced the launch of SUPPLYSHIELD™, a new software supply layer that enables organizations to consume open source through a secured and continuously maintained registry, delivering ...

The open source blind spot in our supply chains

Supply chain attacks are increasing in volume, but open source vulnerabilities continue relatively unnoticed.
The Hacker News

The State of Trusted Open Source Report

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...
Nasdaq

Black Duck Research Shows Open Source Vulnerabilities Have Doubled as AI Accelerates Code Creation

2026 OSSRA report highlights the rapidly expanding attack surface and abrupt rise in open source vulnerabilities and license conflicts in commercial codebases Based on analysis of 947 codebases across ...
Seeking Alpha

New Synopsys Report Finds 74% of Codebases Contained High-Risk Open Source Vulnerabilities, Surging 54% Since Last Year

The Computer Hardware and Semiconductors industry contained the most open source vulnerabilities classified as high risk, followed by Manufacturing, Industrials and Robotics In the 2024 OSSRA report, ...
Morningstar

Seal Security Introduces a Fully Autonomous Agent for Open Source Vulnerability Remediation

New agent proactively installs Seal's remediation component on new projects, validates fixes through automated testing, and routes final approval to a human - enabling teams to remediate open source ...
VentureBeat

Synopsys: 84% of codebases contain an open source vulnerability

The number of codebases containing at least one open source vulnerability increased by nine percentage points in 2020, according to a new report from Synopsys, the silicon design company behind open ...
Forbes

2025’s Biggest Challenges In Open-Source Software Supply Chains

What are the most pressing issues for organizations using open-source software (OSS) in 2025? Is it cyberattacks? Cost efficiency? Or is it the disruptions of AI and new tech? In this article, I’ll ...
Crowdfund Insider

CertiK Warns of Critical Security Vulnerabilities in AI Agent OpenClaw

Blockchain security company CertiK has recently released a comprehensive analysis of OpenClaw, a popular open-source AI agent ...
Wired

Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US

Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...
Dark Reading

Security Threats of Open Source AI Exposed by DeepSeek

With its best-in-class performance and purportedly much lower development costs, DeepSeek's R1 model shocked the global AI community earlier this year and sent Nvidia's stock price tumbling. Thanks to ...
Morning Overview on MSN

Vibe coding’s downsides are piling up, especially for open-source projects

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...