CSOonline

Malicious open-source software packages have exploded in 2024

The open-source development ecosystem has experienced a significant rise in malicious software components, putting enterprises on high alert for software supply chain attacks. Malware is infiltrating ...
EDN

Comm software development package

San Jose, Calif. — The JumpStart for Communications software development package includes version 4.0 of the LynxOS, the FreeBSD 4.2 TCP/IP protocol stack, and enhanced routing algorithms such as ...
CSO Online

Software developers: Prime cyber targets and a rising risk vector for CISOs

From technical compromise to AI-driven attacks, cyber criminals increasingly see software developers as prime targets, creating systemic risks CISOs must address.
Krebs on Security

Self-Replicating Worm Hits 180+ Software Packages

At least 187 code packages made available through the JavaScript repository NPM have been infected with a self-replicating worm that steals credentials from developers and publishes those secrets on ...
Bleeping Computer

Why a secure software development life cycle is critical for manufacturers

For all the scary talk about cyberattacks from vendors and industry experts, relatively few attacks are actually devastating. But the Jaguar Land Rover (JLR) attack was. The JLR breach wasn’t some ...
dbta

JFrog Curation Automates Risky Package Detection for Open Source Software

JFrog, the Liquid Software company and creators of the JFrog Software Supply Chain Platform, is launching JFrog Curation, an automated DevSecOps solution that checks and validates open source or third ...
InfoWorld

JFrog Curation blocks malicious open source software packages

JFrog Curation blocks the use of risky open source software packages without compromising development speed or the developer experience, JFrog said. It uses binary metadata for identifying malicious ...