SonarSource SA, which does business as Sonar, said today that it has signed a definitive agreement to acquire Tidelift Inc., a provider of services to manage open-source components. Terms weren’t ...

Software supply chain attacks are evolving as open source and AI-generated code introduce new third-party risks. Learn how ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Open-source large language models (LLMs) ...

Linux and open source are also on track to become more secure in 2026, as the ecosystem simultaneously hardens the kernel, ...

In February, The Linux Foundation’s Open Source Security Foundation (OpenSSF) initiated the Open Source Project Security Baseline (OSPS Baseline) to establish minimum security requirements for ...

Open-source software has become a prime target in the escalating wave of cybersecurity threats. As attacks grow more sophisticated, the open-source community is racing to close critical security gaps ...

Open source security incidents aren't going away. The reliance on open source software (OSS) increases year-over-year, with more than 95% of all software, including open source, in some capacity. From ...

Caught before it could do widespread damage, the sophisticated vulnerability could have been one of the highest-impact software supply chain breaches to date.

Open-source software tools continue to increase in popularity because of the multiple advantages they provide including lower upfront software and hardware costs, lower total-cost-of-ownership, lack ...

Today, the vast majority of codebases rely on open-source code. It is estimated that 70 to 90 percent of all software “stacks” are composed of it. In all likelihood, the vast majority of the apps on ...

Significant security risks continue to be prevalent in open source software practices, a new report by the Linux Foundation, OpenSSF and Harvard University has found. The CENSUS III project was based ...

Open-source EDA tools are free, readily available, and growing in numbers, but many chipmakers are wary of using them due to security concerns. On the plus side, proponents say these tools can help ...