Business Wire

Lineaje Redefines Software Supply Chain Security with Agentic AI-Driven Risk Elimination, Gold Open Source and SCA360

SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...
Ars Technica

More malicious packages posted to online repository. This time it’s PyPI

Researchers have uncovered yet another supply chain attack targeting an open source code repository, showing that the technique, which has gained wide use in the past few years, isn’t going away any ...
VentureBeat

Meet Aardvark, OpenAI’s security agent for code analysis and patching

An aardvark works in an office typing at a desktop PC while happy human workers mill about in the background. Credit: VentureBeat made with ChatGPT Positioned as a scalable defense tool for modern ...
Benzinga.com

China's DeepSeek To Open-Source Key Code Repositories In A Bid For Full Transparency

AI startup DeepSeek announced plans to open-source five of its code repositories, a move aimed at fostering transparency and community-driven innovation. A code repository is a centralized storage ...
Ars Technica

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious ...
TechCrunch

DeepSeek to open source parts of online services code

Chinese AI lab DeepSeek plans to open source portions of its online services’ code as part of an “open source week” event next week. DeepSeek will open source five code repositories that have been ...
CSOonline

Orca bolsters cloud security offering with source code support

Cybersecurity provider Orca has added new source code posture management capabilities to its cloud security offering by adding support for popular source code management (SCM) platforms. The new ...
SiliconANGLE

Amazon announces Q Developer preview in GitHub for AI-powered code generation and review

Amazon Web Services Inc. today announced a preview for its agentic artificial intelligence software development assistant Q Developer for Microsoft Corp.’s open-source code repository GitHub. Millions ...
CSOonline

NIST provides solid guidance on software supply chain security in DevSecOps

Key recommendations from the NIST’s latest guidance and why they are relevant to modern organizations developing and delivering software. Software supply chain (SSC) attacks continue to be one of the ...
TechRepublic

Top 10 open-source security and operational risks of 2023

Top 10 open-source security and operational risks of 2023 Your email has been sent Many software companies rely on open-source code but lack consistency in how they measure and handle risks and ...
Dark Reading

Twitter's Source Code Leak on GitHub a Potential Cyber Nightmare

Some of Twitter's proprietary source code had been publicly available on Github for nearly three months, according to information gleaned from a DMCA Takedown request filed on March 24. GitHub is the ...