Business Wire

Lineaje Redefines Software Supply Chain Security with Agentic AI-Driven Risk Elimination ...

SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...
CSOonline

Google to launch repository service with security-tested versions of open-source software ...

The paid Assured Open Source Software service will offer common open-source packages after vetting the provenance of its code and dependencies. Developers across the enterprise space are concerned ...
VentureBeat

GitLab acquires software chat startup Gitter, will open-source the code

GitLab, a startup that provides open source and premium source code repository software that people use to collaborate on software, is announcing today that it has acquired Gitter, a startup that ...
VentureBeat

Meet Aardvark, OpenAI’s security agent for code analysis and patching

An aardvark works in an office typing at a desktop PC while happy human workers mill about in the background. Credit: VentureBeat made with ChatGPT Positioned as a scalable defense tool for modern ...
Ars Technica

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious ...
Ars Technica

PyPI halted new users and projects while it fended off supply-chain attack

PyPI, a vital repository for open source developers, temporarily halted new project creation and new user registration following an onslaught of package uploads that executed malicious code on any ...
CSOonline

Why open-source software supply chain attacks have tripled in a year

Uneven maintenance practices and developers' willingness to download risky code have made open-source repositories a favored initial access tactic for attackers. The number of incidents where ...