Application Security | Open Source Security Firm Hopper Emerges From Stealth With $7.6M in Funding | Hopper has emerged from stealth mode with a solution designed to help organizations manage open source software risk. | Eduard Kovacs | April 22, 2025
Application Security | Google Releases Major Update for Open Source Vulnerability Scanner | Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers. | Ionut Arghire | March 18, 2025
Supply Chain Security | UK Government Report Calls for Stronger Open Source Supply Chain Security Practices | Report from the Department for Science, Innovation & Technology (DSIT) finds weaknesses in current practices. | Kevin Townsend | March 11, 2025
Application Security | OpenSSF Releases Security Baseline for Open Source Projects | The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects. | Eduard Kovacs | February 26, 2025
Application Security | Endor Labs and Allies Launch Opengrep, Reviving True OSS for SAST | Opengrep is a new consortium-backed fork of Semgrep, intended to be and remain a true OSS SAST tool. | Kevin Townsend | January 27, 2025
Application Security | Google Releases Open Source Library for Software Composition Analysis | Google releases OSV-SCALIBR, an open source library for software composition analysis and file system scanning. | Ionut Arghire | January 17, 2025
Supply Chain Security | Cyber Insights 2025: Open Source and Software Supply Chain Security | Open source software (OSS) is a prime target for supply chain cyberattacks and protecting it remains a major challenge. | Kevin Townsend | January 15, 2025
Application Security | Google Open Sources Security Patch Validation Tool for Android | Google has announced the open source availability of Vanir, a patch validation tool for Android platform developers. | Ionut Arghire | December 6, 2024
Application Security | GitHub Launches Fund to Improve Open Source Project Security | GitHub has launched a $1.25 million fund to be invested in improving the security of 125 open source projects. | Ionut Arghire | November 20, 2024
Funding/M&A | Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads | Software supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion. | Ryan Naraine | July 25, 2024
Application Security | US, Allies Warn of Memory Unsafety Risks in Open Source Software | Most critical open source software contains code written in a memory unsafe language, US, Australian, and Canadian government agencies warn. | Ionut Arghire | June 27, 2024
Cloud Security | New Open Source Tool Hunts for APT Activity in the Cloud | The CloudGrappler open source tool can detect the presence of known threat actors in cloud environments. | Ionut Arghire | March 11, 2024
Application Security | CISA Outlines Efforts to Secure Open Source Software | Concluding a two-day OSS security summit, CISA details key actions to help improve open source security. | Ionut Arghire | March 8, 2024
ICS/OT | Cisco Releases Open Source Backplane Traffic Visibility Tool for OT | Cisco has released an open source PoC tool named Badgerboard designed for improved backplane network visibility for OT. | Eduard Kovacs | March 6, 2024
Fraud & Identity Theft | Linux Foundation Tackles Financial Fraud With Open Source Platform | The open source platform Tazama provides cost-effective monitoring of digital financial transactions to prevent fraud in real time. | Ionut Arghire | March 4, 2024
Threat Intelligence | From Open Source to Enterprise Ready: 4 Pillars to Meet Your Security Requirements | Open source is a great way to test the waters and define requirements. But when looking at putting a platform into production, an enterprise-ready... | Marc Solomon | February 26, 2024
Application Security | Google Open Sources AI-Aided Fuzzing Framework | Google has released its fuzzing framework in open source to boost the ability of developers and researchers to identify vulnerabilities. | Ionut Arghire | February 5, 2024
Supply Chain Security | New Offerings From Protect AI, Venafi Tackle Software Supply Chain Security | Two new products aim to secure the traditional OSS supply chain, and the new AI model software supply chain. | Kevin Townsend | January 25, 2024
ICS/OT | New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding | A new project aims to make it easier for PLC programmers to implement secure coding practices by cataloging useful files and functions from each... | Eduard Kovacs | October 25, 2023
Vulnerabilities | Dozens of Squid Proxy Vulnerabilities Remain Unpatched 2 Years After Disclosure | Dozens of Squid caching proxy vulnerabilities remain unpatched two years after a researcher reported them to developers. | Eduard Kovacs | October 13, 2023