Business Wire

Lineaje Redefines Software Supply Chain Security with Agentic AI-Driven Risk Elimination, Gold Open Source and SCA360

SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...
The Hacker News

The State of Trusted Open Source

Analysis shows most security risk sits in longtail open source images, with 98% of CVEs outside top projects & Critical flaws ...
Hosted on MSN

Google’s ‘Big Sleep’ AI Finds 20 Security Vulnerabilities in Open-Source Software

Alphabet Inc. (NASDAQ:GOOGL) is one of the most profitable growth stocks to buy according to billionaires. On August 5, Google announced that its AI-powered vulnerability researcher, named Big Sleep, ...

ActiveState Survey Finds Container Security Gaps Expose Enterprises to Breach and Audit Risks

ActiveState, a global leader in open source language solutions and secure software supply chain management, today announced the release of its 2026 State of Vulnerability Management and Remediation ...
Wired

Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US

Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...
Security Boulevard

The Myth of Linux Invincibility: Why Automated Patch Management is Key to Securing the Open Source Enterprise

Users and developers have hailed Linux as the operating system that "just works," celebrating it for decades as a symbol of open source strength, speed, ...
SiliconANGLE

Seal Security raises $13M to scale automated open-source vulnerability remediation

Israeli cybersecurity startup Seal Cybersecurity Solutions Inc. today revealed that it has raised $13 million in new funding to accelerate its go-to-market efforts and expand its core vulnerability ...
Software Engineering Institute

SEI Parser Demystifies Firmware to Fight Vulnerabilities

Software based on the Unified Extensible Firmware Interface (UEFI) standard makes up the firmware of most modern desktop computers and servers. This software is largely invisible to users, critical to ...
Communications of the ACM

Exposing Common Vulnerabilities

Common vulnerabilities and exposures (CVEs) include all types of subversive entry-points discovered in programs, along with a ...
LinuxInsider

Is a Security Baseline Enough for Open-Source Software?

In February, The Linux Foundation’s Open Source Security Foundation (OpenSSF) initiated the Open Source Project Security Baseline (OSPS Baseline) to establish minimum security requirements for ...
Forbes

2025’s Biggest Challenges In Open-Source Software Supply Chains

What are the most pressing issues for organizations using open-source software (OSS) in 2025? Is it cyberattacks? Cost efficiency? Or is it the disruptions of AI and new tech? In this article, I’ll ...
Computer Weekly

Sonatype CEO on self-service: The vulnerability data gap undermining AI-driven development

Increasingly, self-service tools and internal developer platforms (IDPs) are configured to make critical decisions, but ...