What’s Next for Open Source Software Security in 2025?
Hidden dependencies and social engineering attacks can contribute to the insecure use of open-source software in 2025.
How Attackers Became The Protagonists Of The Software Supply Chain
2014 was a year of many firsts. Rosetta's Philae lander made the first successful landing on a moving comet, Janet Yellen was ...
CRN29d
Veracode Looks To Boost Security For Software Supply Chain With Acquisition Of Phylum
Veracode said that its acquisition of software supply chain security startup Phylum, announced Monday, will enhance its capabilities around protecting against malicious open-source code.
CSOonline8h
Abandoned AWS S3 buckets open door to remote code execution and supply-chain compromises
Attackers re-register abandoned AWS S3 buckets filled with malicious files that are executed by applications looking for ...
CRN1y
The 10 Hottest Cybersecurity Startups Of 2023
Chainguard offers tools that aim to dramatically improve the security of the software supply chain and open source software ... its patented “fly-direct” architecture that avoids the ...
Computing2y
New guidance on software supply chain attacks released
and in the same week US security agencies NSA and CISA published their own guidance on mitigating the risk of software supply chain attacks. Modern applications, both closed- and open source, are ...
SD Times3mon
Report: Only 1 in 5 organizations have full visibility into their software supply chain
Several high profile software supply chain security incidents over the last ... for the software they develop (49% of respondents) or for open source projects they use (45%) of respondents.
Infosecurity-magazine.com1mon
Supply Chain Attack Targets Key Ethereum Development Tools
Implementing measures such as securing privileged access management, adopting a zero-trust architecture and conducting regular security assessments can significantly reduce the risk of supply chain ...
Security29d
Veracode acquires Phylum, Inc. technology to transform software supply chain security
The acquisition enhances Veracode’s ability to identify and block malicious code in open-source libraries ... about the acquisition and software supply chain security, contact the Veracode ...
Virtualization Review21d
Balance Security and Developer Productivity in the software supply chain: Trusted strategies and best practices
The software supply chain is under constant duress from increasingly sophisticated cyberattacks across an attack surface that has grown exponentially. Businesses today are accountable for internal ...
SD Times4y
Report: A 430% increase in next-generation supply chain attacks in last year
Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...
CRN Australia28d
Veracode to boost software supply security chain with Phylum buy
Veracode said that its acquisition of software supply chain security startup Phylum, announced Monday, will enhance its capabilities around protecting against malicious open-source code.