open-source code Archives - Cyber Security Minute

LofyLife: malicious packages in npm repository | Kaspersky official blog

Issued by: Kaspersky Blog

Open-source code is a blessing for the IT industry — it helps programmers save time and build products faster and more efficiently by eliminating the need of writing repetitive common code. To facilitate this knowledge sharing, there are repositories — open platforms where any developer can publish their own packages with their code to speed…

Application Security

Tidelift Raises $27 Million to Tackle Open Source Supply Chain Security

Issued by: Security Week

High profile supply chain attacks like SolarWinds, Kaseya, Codecov, ua-parser-js and Log4j have put pressure on companies and governments to address the risks associated with open source and other software supply chain risks. President Biden’s May 2021 Executive Order includes supply chain attacks as an area of concern. More recently, on January 13, 2022, a…

Vulnerabilities

4 best practices to avoid vulnerabilities in open-source code

Issued by: CSO

This year presented even more challenges for ensuring the integrity and security of open-source ecosystems. Open source has been the greatest boon to developers in that virtually anyone can use and customize it, typically at no cost, and contribute to the community. What has been a means of ensuring greater transparency, security and promoting developer…