Your passkeys could be vulnerable to attack, and everyone - including you - must act

When a clickjack attack managed to hijack a passkey authentication ceremony, were password managers really to blame? ZDNET's investigation reveals a more complicated answer.
Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...
InfoQ

Linux Security Tools Bypassed by io_uring Rootkit Technique, ARMO Research Reveals

Security researchers at ARMO have uncovered a significant vulnerability in Linux runtime security tools that stems from the ...

5 ways to spot software supply chain attacks and stop worms - before it's too late

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.
Te Pūnaha Matatini

The ecosystem of software

The software ecosystem is a complex system, and this complexity is a byproduct of evolution, collaboration and innovation.