Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe insecure use of open-source software in 2025. Open-source software is common ...
Capital One has open-sourced VulnHunter, an AI security tool that finds exploitable code flaws, maps attack paths and helps ...
AI agent security now has a purpose-built open-source guardrail: Ant Group released SingGuard-NSFA, a free framework that catches prompt injection and credential-theft patterns before AI agents ...
In a pivotal move to enhance cybersecurity earlier this year, the White House Office of the National Cyber Director, in partnership with the Open-Source Software Security Initiative, unveiled an RFI ...
When Drupal disclosed CVE-2026-9082 in May, exploit attempts were reported within 48 hours. That shrinking window between ...
Two years ago, the joint government-private sector response to the Log4j vulnerability that spawned 800,000 attacks worldwide led to the Enduring Security Framework for federal agencies adopting open ...
Open source security incidents aren't going away. The reliance on open source software (OSS) increases year-over-year, with more than 95% of all software, including open source, in some capacity. From ...
In February, The Linux Foundation’s Open Source Security Foundation (OpenSSF) initiated the Open Source Project Security Baseline (OSPS Baseline) to establish minimum security requirements for ...
Microsoft has cut off access to dozens of its open source projects hosted on GitHub as it investigates how hackers apparently breached the projects and injected password-stealing malware into the code ...