Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...
Infosecurity MagazineOpinion

In Conversation: Learnings for CISOs Post Black Hat and DEF CON

OpenSSF's Christopher “CRob” Robinson discusses highlights open source discussions around AI security, SBOM adoption and ...
CSO Online

OT security: Why it pays to look at open source

In contrast, open source tools offer some decisive advantages: Lower costs: no license fees, only investment in hardware and implementation. Flexibility and adaptability: Source code is freely ...
InfoQ

Linux Security Tools Bypassed by io_uring Rootkit Technique, ARMO Research Reveals

Security researchers at ARMO have uncovered a significant vulnerability in Linux runtime security tools that stems from the ...
The Robot Report

OpenMind launches OM1 Beta open-source, robot-agnostic operating system

OpenMind says its OM1 open-source operating system is hardware-agnostic and enables autonomy and developer collaboration.
Nextgov

Report: Russia-based Yandex employee oversees open-source software approved for DOD use

A Russia-based Yandex employee is the sole maintainer of a widely used open-source tool embedded in at least 30 pre-built software packages in the Department of Defense, raising potential risks of ...

New open-source tool from Permiso uncovers dangerous inbox rule blind spots

The new tool seeks to deal with what research from Permisso dubs “Inboxfuscation.” It’s a Unicode-based evasion technique that can create malicious rules invisible to traditional monitoring systems, ...
insideHPC

Linux Foundation Energy Announces New Members

LF Energy, the open source foundation accelerating the energy transition, welcomes five new members from leading - Read more ...