Earlier this year, a Microsoft developer realized that someone had inserted a backdoor into the code of open source utility XZ Utils, which is used in virtually all Linux operating systems. The ...

Two years ago, the joint government-private sector response to the Log4j vulnerability that spawned 800,000 attacks worldwide led to the Enduring Security Framework for federal agencies adopting open ...

Open-source security is a mess - IBM and Red Hat bet $5 billion and 20,000 engineers can fix it ...

In the world of software development, the debate between open-source and proprietary software has been ongoing for years. While both have their merits, open-source software is increasingly being ...

Hidden dependencies, social engineering attacks, and the complexity of foundation models can all contribute tothe insecure use of open-source software in 2025. Open-source software is common ...

Value stream management involves people in the organization to examine workflows and other processes to ensure they are deriving the maximum value from their efforts while eliminating waste — of ...

The Open Source Security Foundation (OpenSSF), a cross-industry initiative of the Linux Foundation focused on sustainably ...

The Linux Foundation, a nonprofit organization enabling mass innovation through open source, today announced the release of “Census III of Free and Open Source Software—Application Libraries” (Census ...

Open source security incidents aren't going away. The reliance on open source software (OSS) increases year-over-year, with more than 95% of all software, including open source, in some capacity. From ...