GovInfoSecurity

Webinar | Software Supply Chain Security: More Than Open Source

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use ...

tea.xyz Flags Critical Open-Source Supply-Chain Risks In 2026

ZUG, Switzerland, Jan. 16, 2026 (GLOBE NEWSWIRE) -- tea.xyz has announced their new ecosystem findings highlighting escalating risks across the global open-source software supply chain, warning that ...
KTLA

CISA, DHS S&T and OpenSSF Announce Global Launch of Software Supply Chain Open Source Project

WASHINGTON, April 16, 2024 (GLOBE NEWSWIRE) -- The Open Source Security Foundation (OpenSSF), in collaboration with the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of ...
Forbes

2025’s Biggest Challenges In Open-Source Software Supply Chains

What are the most pressing issues for organizations using open-source software (OSS) in 2025? Is it cyberattacks? Cost efficiency? Or is it the disruptions of AI and new tech? In this article, I’ll ...
SiliconANGLE

Chainguard secures $280M to expand its trusted open-source software platform

Secure software supply chain solution provider Chainguard Inc. revealed today that it has raised $280 million in new funding to help meet growing demand and accelerate its mission to make open-source ...
Forbes

Why Enterprises Must Apply Zero Trust To Open Source Software

Over the last decade, enterprises have transformed the way they build software. What used to be mostly proprietary code is now dominated by open-source components. In many cases, more than 80% of an ...
Washington Technology

Software Supply Chain: Your Path to Zero CVEs

The software supply chain faces a growing array of sophisticated threats that put critical government systems and national security at risk. “Adversaries are exploiting the entire development pipeline ...
TechRepublic

How GitHub Is Securing the Software Supply Chain

A surge in supply chain attacks has put open-source software risk, prompting GitHub to strengthen security across its npm ecosystem. The company, which operates the world’s largest code repository, is ...
ZDNet

5 ways to spot software supply chain attacks and stop worms - before it's too late

Shai-Hulud is the worst-ever npm JavaScript attack. This software supply chain worm attack is still ongoing. Here are some ways you can prevent such attacks. For those of you who aren't Dune fans, ...
CSOonline

Modern supply-chain attacks and their real-world impact

Supply-chain attacks have evolved considerably in the last two years going from dependency confusion or stolen SSL among others once common attacks to AI-backed social engineering and open-source ...

Auto industry expands open-source pact to boost development, cut costs

By Rachel More BERLIN, Jan 7 (Reuters) - More than 30 companies across the automotive supply chain have agreed to collaborate ...