TMCnet

ActiveState Survey Finds Container Security Gaps Expose Enterprises to Breach and Audit Risks

This year's report, the "Container Security Edition," surveyed 250 DevSecOps leaders across North America to uncover the ...
Business Insider

Sweet Security Partners with Illustria to Offer Proactive Open-Source Supply Chain Risk Management

TEL AVIV, Israel, Jan. 08, 2025 (GLOBE NEWSWIRE) -- Sweet Security, a leading provider of Cloud Native Detection and Response solutions, is proud to announce the integration of Illustria's zero-day ...
The Hacker News

The State of Trusted Open Source

Analysis shows most security risk sits in longtail open source images, with 98% of CVEs outside top projects & Critical flaws ...
Ars Technica

Supply-chain attacks on open source software are getting out of hand

It has been a busy week for supply-chain attacks targeting open source software available in public repositories, with successful breaches of multiple developer accounts that resulted in malicious ...
Dark Reading

Lessons From OSC&R on Protecting the Software Supply Chain

The complexity of today's software development — a mix of open source and third-party components, as well as internally developed code — has resulted in an abundance of vulnerabilities for attackers ...
Forbes

How Attackers Became The Protagonists Of The Software Supply Chain

Brian Fox is a software developer, innovator and entrepreneur, most prominently known for his role as CTO and Co-Founder of Sonatype, Inc. For those in cybersecurity, 2014 was noteworthy for another ...