VentureBeat

GitLab acquires software chat startup Gitter, will open-source the code

GitLab, a startup that provides open source and premium source code repository software that people use to collaborate on software, is announcing today that it has acquired Gitter, a startup that ...
CSOonline

Google to launch repository service with security-tested versions of open-source software packages

The paid Assured Open Source Software service will offer common open-source packages after vetting the provenance of its code and dependencies. Developers across the enterprise space are concerned ...
TechCrunch

DeepSeek to open source parts of online services code

Chinese AI lab DeepSeek plans to open source portions of its online services’ code as part of an “open source week” event next week. DeepSeek will open source five code repositories that have been ...
Ars Technica

More malicious packages posted to online repository. This time it’s PyPI

Researchers have uncovered yet another supply chain attack targeting an open source code repository, showing that the technique, which has gained wide use in the past few years, isn’t going away any ...
TechRepublic

Top 10 open-source security and operational risks of 2023

Top 10 open-source security and operational risks of 2023 Your email has been sent Many software companies rely on open-source code but lack consistency in how they measure and handle risks and ...
Dark Reading

One-Third of Popular PyPI Packages Mistakenly Flagged as Malicious

The scanners tasked with weeding out malicious contributions to packages distributed via the popular open source code repository Python Package Index (PyPI) create a significant number of false alerts ...
CSOonline

Why open-source software supply chain attacks have tripled in a year

Uneven maintenance practices and developers' willingness to download risky code have made open-source repositories a favored initial access tactic for attackers. The number of incidents where ...