CrowdStrike and Google take down botnet used by hackers to target software developers in supply chain attacks

Cybercriminals used the Glassworm botnet to infect open source software projects with malware, and in turn hack the ...
InfoWorld

Attack targeting OpenAI Codex users exposes AI software supply chain risks

The incident highlights how attackers can hide malicious code in software packages that differ from the source code available ...

Yearslong fight over users’ right to tweak smart TV software heads to trial

For years, owners of Vizio smart TVs have had little control over the software running on their sets—software that can track ...

Incident at Vodafone: Cyber gang Lapsus$ steals source codes

The criminal gang Lapsus$ managed to steal data such as software source codes from Vodafone. They have now appeared online.

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...

Source Code Is Not The Product: Why Commercial Open Source Works

Done right, openness creates a stronger business structure and a larger surface area for value creation than closed software.
Unite.AI

RevEng.AI Raises $15 Million Series A to Verify the Security and Integrity of AI-Generated Software

As AI-generated code becomes increasingly embedded across enterprise and government systems, cybersecurity startups are ...

The pitfalls of customizable open-source CRM platforms: The promise vs. the reality

Nutshell reports that open-source CRMs offer customization but often require significant time, money, and expertise, making ...
InfoWorld

Lack of response to critical vulnerability in Gogs is a reminder of the limits of open source projects

Two months after Rapid7 discovered the hole in the Git service, the project maintainer has yet to patch the bug.
Tech Times

Flathub AI Ban Blocks Every Submission Type on Flatpak Repos, Enforcement Hits Open Source Hardest

Flathub AI ban now covers code, metadata, build scripts, and pull requests, with permanent bans for repeat violations. Linux ...
The Manila Times

IBM and Red Hat Commit $5 Billion to Redefine the Future of Open Source in the AI Era

Project Lightwell establishes a trusted enterprise clearinghouse for open source software with a new AI-driven model for ...
Decrypt

Perplexity Built a Tool That Checks Your Computer for Infected Software—Without Setting Off the Infection

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.