Open Source Container Security: A Push for Stronger Software Supply Chains

Open source designs offer flexibility, yet they also create long-term dependency paths that may hide more risk than developers expect. Many companies now treat container security as the first real ...

Hopper Launches SUPPLYSHIELD(TM): A Secure Open Source Supply Layer Delivering Zero-CVE, Malware-Free Components Through a Trusted Registry

SUPPLYSHIELD combines large-scale AI systems with human validation to maintain secure versions of libraries across the full dependency tree. When new vulnerabilities are disclosed, the platform ...
SiliconANGLE

Chainguard nabs $140M to secure enterprise applications’ open-source components

Less than a year after closing its last funding round, Chainguard Inc. today disclosed that it has raised another $140 million to support its sales growth. Redpoint Ventures, Lightspeed Venture ...
Morningstar

ActiveState Unifies 79M Components to Launch World's Largest Secure Open Source Catalog

ActiveState has grown its secure catalog to 79M, doubling coverage from 2025 and expanding to more than 12 languages. Open source software powers 96% of modern software applications, with most ...
CSOonline

Malicious open-source software packages have exploded in 2024

The open-source development ecosystem has experienced a significant rise in malicious software components, putting enterprises on high alert for software supply chain attacks. Malware is infiltrating ...
dbta

OpenText Unveils New Solution for Adopting Enterprise-Compliant Open Source Components

OpenText, The Information Company, is debuting OpenText Debricked Open Source Select, a solution aimed toward helping developers select the right open source components that align with company intake ...
TechCrunch

What does ‘open source AI’ mean, anyway?

The struggle between open source and proprietary software is well understood. But the tensions permeating software circles for decades have shuffled into the artificial intelligence space, in part ...
Hackaday

Open Source Hardware, How Open Do You Want It To Be?

In our wider community we are all familiar with the idea of open source software. Many of us run it as our everyday tools, a lot of us release our work under an open source licence, and we have a ...
InfoWorld

Beware open source violations lurking in your code

IT organizations that feel safe from open source licensing violations might be wise to check their code, as open source components are rapidly seeping into applications by way of offshore and in-house ...
Morning Overview on MSN

Vibe coding’s downsides are piling up, especially for open-source projects

A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from open-source components with minimal human oversight, is creating hidden costs for ...
Computerworld

Sonatype seeks to help developers reduce risk from open-source components

Software developers use a large number of open-source components, often oblivious to the security risks they introduce or the vulnerabilities that are later discovered in them. Sonatype, a company ...