Business Wire

Lineaje Redefines Software Supply Chain Security with Agentic AI-Driven Risk Elimination, Gold Open Source and SCA360

SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...
Forbes

2025’s Biggest Challenges In Open-Source Software Supply Chains

What are the most pressing issues for organizations using open-source software (OSS) in 2025? Is it cyberattacks? Cost efficiency? Or is it the disruptions of AI and new tech? In this article, I’ll ...
Forbes

How Attackers Became The Protagonists Of The Software Supply Chain

Brian Fox is a software developer, innovator and entrepreneur, most prominently known for his role as CTO and Co-Founder of Sonatype, Inc. For those in cybersecurity, 2014 was noteworthy for another ...
KRON4 News

Sweet Security Partners with Illustria to Offer Proactive Open-Source Supply Chain Risk Management

TEL AVIV, Israel, Jan. 08, 2025 (GLOBE NEWSWIRE) -- Sweet Security, a leading provider of Cloud Native Detection and Response solutions, is proud to announce the integration of Illustria's zero-day ...
Ars Technica

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious ...
SiliconANGLE

Chainguard secures $280M to expand its trusted open-source software platform

Secure software supply chain solution provider Chainguard Inc. revealed today that it has raised $280 million in new funding to help meet growing demand and accelerate its mission to make open-source ...
TMCnet

ActiveState Survey Finds Container Security Gaps Expose Enterprises to Breach and Audit Risks

This year's report, the "Container Security Edition," surveyed 250 DevSecOps leaders across North America to uncover the ...
Ars Technica

AI-generated code could be a disaster for the software supply chain. Here’s why.

AI-generated computer code is rife with references to non-existent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...
ZDNet

5 ways to spot software supply chain attacks and stop worms - before it's too late

Shai-Hulud is the worst-ever npm JavaScript attack. This software supply chain worm attack is still ongoing. Here are some ways you can prevent such attacks. For those of you who aren't Dune fans, ...
Arabian Post on MSN

Chainguard widens EmeritOSS safety net for open source

Chainguard has widened its EmeritOSS Lifeline programme to cover 10 additional open-source projects, a move aimed at shoring up the security and reliability of widely used tools that have lost active ...
LinuxInsider

Open Source Security at Risk From Poor Oversight

Open-source software has become a prime target in the escalating wave of cybersecurity threats. As attacks grow more sophisticated, the open-source community is racing to close critical security gaps ...