CSO Online

Chinese spies had year-long access to US tech and legal firms

Backdoor on edge devices allowed a starting point for threat actors to use lateral movement to access VMware vCenter and ESXi ...

RubyGems maintainer quits after Ruby Central takes control of project

A decade-long RubyGems maintainer, Ellen Davis (also known as duckinator), has resigned from Ruby Central following what she ...
Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...