Recent cybersecurity threats such as Log4Shell have sparked interest in public-private partnerships and other initiatives to secure open-source software. Major US tech companies including Google and ...

GitHub plans to use the code-signing platform Sigstore to protect its open-source registry, which was impacted by a cyberattack earlier this year. Microsoft-owned GitHub is proposing a new strategy to ...

Open source designs offer flexibility, yet they also create long-term dependency paths that may hide more risk than developers expect. Many companies now treat container security as the first real ...

A major security incident affecting the widely used open source vulnerability scanner Trivy has exposed critical weaknesses in software supply chain security, after maintainers confirmed that a ...

Percona and Chainguard aim to cut CVE patching and reduce overhead with secure-by-default images for open-source databases.

ZUG, Switzerland, Jan. 16, 2026 (GLOBE NEWSWIRE) -- tea.xyz has announced their new ecosystem findings highlighting escalating risks across the global open-source software supply chain, warning that ...

AI has upended the foundation of open source security, and commercial open source applications must close their code to protect sensitive data.

An international team is collaborating on a 3.5-year mission to revolutionize how we protect data at the processor level.