Dark Reading

How Hackers Infiltrate Open Source Projects

The open source software that the vast majority of organizations include in their critical applications is vulnerable to exploitation from threat actors taking part in its creation. That's the message ...
CSOonline

More open-source project takeover attempts found after XZ Utils attack

The Open Source Security Foundation (OpenSSF) together with the OpenJS Foundation have identified additional incidents where attackers attempted to social engineer their way into the management of ...
InfoWorld

How to upstream code to open source projects

Upstreaming can improve your code, simplify development, and lighten your maintenance burden. Follow these best practices when donating code and reap the benefits. Code commonly flows downstream, from ...