Open Source
Half of critical open source projects contain memory-unsafe code, U.S. cyber agency says
The findings come after recent hijacking attempts into major open-source tools.
New mailing list aims to share hacking attempts on open-source projects
The Siren email list allows members to share active exploitations of open-source projects, fueled by recent attempts to sabotage free-to-use software tooling
Feds beware: New studies demonstrate key AI shortcomings
Recent studies have started to show that there are serious downsides when it comes to such programs’ ability to produce secure code.
Hackers tried to breach, disable widely used open-source Java tools, groups warn
The alert comes just after a possible nation state entity attempted to hijack an open-source Linux tool last month.
Linux backdoor was a long con, possibly with nation-state support, experts say
If the XZ Utils vulnerability hadn’t been caught in time, hackers would have had a “skeleton key to the world,” one analyst told Nextgov/FCW.
NTIA explores the benefits and risks of open-weight AI models
A new request for information issued by the National Telecommunications and Information Administration will inform regulatory policy on open-weight models.
Taking open source risks seriously
COMMENTARY | Software bills of materials don't address what tech leaders should actually do to make sure open source components are safe to use.
CISA collaborative weighs in on open source software security
The public-private Joint Cyber Defense Collaborative called on the open source software community to further invest in the development of secure software, tools and technologies.
Army hopes big-data techniques can help secure its clouds
“Multifactor authentication will not be enough,” said the Army’s senior cyber leader.
White House looks to shore up open source software security
The Office of the National Cyber Director wants software providers to "contribute back to the security of the open source software they depend upon."
How the US is using open-source intel to track Russia's war in Ukraine
Analysts are moving beyond who-what-when-where to "really focusing on the why,” a senior defense intelligence official said.
House Panel Advances Bills to Boost CISA’s Oversight of Open Source Software, Cyber Training
The two measures, which passed the committee with bipartisan support, would give CISA authority across DHS and the federal government.
Featured eBooks