Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...
Developer Tech

XZ attack reveals unlearned open-source security lessons

The XZ attack is a backdoor that reminds us our biggest open-source security threats are from decades of unlearned lessons.
InfoWorld

Open source registries signal shift toward paid models as AI strains infrastructure

The foundations said in their blog post that automated CI systems, large-scale dependency scanners, and ephemeral container ...
MUO on MSN

This open-source tool takes the pain out of Windows updates

Windows users are all too familiar with the frustration. You're deep at work when Microsoft's notorious update notifications ...
Diginomica

Open Source Summit Europe 2025 - why Linux Foundation’s AI and sovereignty push matters

Alongside the code, open source now carries responsibility for secure AI pipelines, open database standards and even Europe’s digital sovereignty. The change was underscored by announcements at the ...

CrowdStrike and Meta Deliver New Benchmarks for the Evaluation of AI Performance in Cybersecurity

CrowdStrike (NASDAQ: CRWD) today, in partnership with Meta, introduced a new suite of benchmarks – CyberSOCEval – for ...
Crypto News

Ethereum Co-Founder Warns Closed Systems Breed ‘Abuse and Monopolies,’ Calls for Open-Source in Key Sectors

Ethereum co-founder warns closed technological systems create abuse and monopolies, advocating for open-source infrastructure ...
Nextgov

Report: Russia-based Yandex employee oversees open-source software approved for DOD use

A Russia-based Yandex employee is the sole maintainer of a widely used open-source tool embedded in at least 30 pre-built software packages in the Department of Defense, raising potential risks of ...