Notepad++ has adopted a "double-lock" design for its update mechanism to address recently exploited security gaps that ...

Join the event trusted by enterprise leaders for nearly two decades. VB Transform brings together the people building real enterprise AI strategy. Learn more Editor’s note: Louis will lead an ...

Open-source software has become a prime target in the escalating wave of cybersecurity threats. As attacks grow more sophisticated, the open-source community is racing to close critical security gaps ...

The Open Source Security Foundation (OpenSSF) has claimed a “significant milestone” after releasing a new set of best practices designed to improve the security posture of open source projects. The ...

Open-source risk is often simplistically reduced to security headlines about the latest vulnerability or bug count. Security matters, of course, but it is only one dimension of a broader risk surface ...

Open-source code has become a malware vector. For example, by the closest of shaves, an open-source developer discovered that Jia Tan, a chief programmer and maintainer of the Linux xz data ...

When Europe's new Cyber Resilience Act (CRA) comes into force, manufacturers will face a challenging but necessary deadline – 24 hours to issue an initial security statement, 72 hours to produce a ...

Open source AI is gaining momentum across major players. DeepSeek recently announced plans to share parts of its model architecture and code with the community. Alibaba followed suit with the release ...

In February, The Linux Foundation’s Open Source Security Foundation (OpenSSF) initiated the Open Source Project Security Baseline (OSPS Baseline) to establish minimum security requirements for ...