Supply chain security startup Socket Inc. announced today that it has raised $40 million in new funding to fuel its mission to modernize security for open-source software and expand its team across ...

Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe insecure use of open-source software in 2025. Open-source software is common ...

Get the latest federal technology news delivered to your inbox. In a pivotal move to enhance cybersecurity earlier this year, the White House Office of the National Cyber Director, in partnership with ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Open-source large language models (LLMs) ...

Two years ago, the joint government-private sector response to the Log4j vulnerability that spawned 800,000 attacks worldwide led to the Enduring Security Framework for federal agencies adopting open ...

SonarSource SA, which does business as Sonar, said today that it has signed a definitive agreement to acquire Tidelift Inc., a provider of services to manage open-source components. Terms weren’t ...

In February, The Linux Foundation’s Open Source Security Foundation (OpenSSF) initiated the Open Source Project Security Baseline (OSPS Baseline) to establish minimum security requirements for ...

Going closed source now feels like the wrong move.

Open source security incidents aren't going away. The reliance on open source software (OSS) increases year-over-year, with more than 95% of all software, including open source, in some capacity. From ...

Companies are treating these repositories like content delivery networks - now the Linux Foundation and colleagues are saying ...

Open-source EDA tools are free, readily available, and growing in numbers, but many chipmakers are wary of using them due to security concerns. On the plus side, proponents say these tools can help ...