SUPPLYSHIELD combines large-scale AI systems with human validation to maintain secure versions of libraries across the full dependency tree. When new vulnerabilities are disclosed, the platform ...
The open-source development ecosystem has experienced a significant rise in malicious software components, putting enterprises on high alert for software supply chain attacks. Malware is infiltrating ...
Two years ago, the joint government-private sector response to the Log4j vulnerability that spawned 800,000 attacks worldwide led to the Enduring Security Framework for federal agencies adopting open ...
Less than a year after closing its last funding round, Chainguard Inc. today disclosed that it has raised another $140 million to support its sales growth. Redpoint Ventures, Lightspeed Venture ...
ActiveState has grown its secure catalog to 79M, doubling coverage from 2025 and expanding to more than 12 languages. Open source software powers 96% of modern software applications, with most ...
In 2020, the SolarWinds incident served as a wake-up call for the tech industry, highlighting the urgent need for organizations to refine their response strategies to critical CVEs (common ...
Supply chain attacks are increasing in volume, but open source vulnerabilities continue to go relatively unnoticed.
The Apache Software Foundation (The ASF), the global home of open source software the world relies on, today announced a $1.5M donation from Anthropic to support the ASF’s infrastructure, security, ...
Open-source software powers the majority of today’s businesses. An estimated 70% to 90% of modern software solutions use a code base made up of open-source components, according to 2022 data from the ...
A growing body of academic research warns that AI-assisted “vibe coding,” where language models assemble software from ...
The struggle between open source and proprietary software is well understood. But the tensions permeating software circles for decades have shuffled into the artificial intelligence space, in part ...