The combination of open-source software with artificial intelligence is opening up new possibilities for custom software ...

Hidden dependencies and social engineering attacks can contribute to the insecure use of open-source software in 2025.

For years, developers of free, open-source software have been telling anyone who will listen that their projects needs better financial assistance and more oversight. Now, after a number of ...

The nation’s cyber defense agency wants to play a key role in hardening the broader open source software security ecosystem.

How safe is that open-source software in the Git library, the one with the questionable history? Scorecard 2.0 can quickly tell you just how secure, or not, it really is.

In the months since, the Cybersecurity and Infrastructure Security Agency has promoted the use of a software bill of materials as a step to secure open-source software.

One year after the Log4j disaster, open source community efforts and new developer toolchains are addressing the challenges of software supply chain security.

The Office of the National Cyber Director wants software providers to "contribute back to the security of the open source software they depend upon." ...

The argument for open-source software security has been that more people vetting publicly available source code can result in faster fixes compared to the 'security through obscurity' model – a ...

Tech giants including Amazon, Google and Microsoft have pledged millions of dollars to bolster the security of open source software. The pledge was made during a meeting in Washington, DC last ...