Normally reserved for data analysis, a cybersecurity firm caught online content pirates hosting soccer matches.

Researchers can’t tell if the malware was used in a campaign, or North Korean operatives were caught before they could deploy it in the wild.

Federal agencies would have to address everything from AI to cloud security to access management, sources told CyberScoop.

The open-source ecosystem is being overrun by malicious packages, a new report from Sonatype finds.

The vulns would allow attackers to run any commands on targeted computers without user knowledge. But it would take a lot of work to get to that…

The volunteers that maintain open-source software have always been knocked around by the tech community. The Jia Tan hack made it all so much worse.

The Biden administration is looking to understand just how widespread open-source software is in critical infrastructure.

The OpenSSH bug represents the latest high-profile vulnerability to affect the open-source software ecosystem.

A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products.

An operation to undermine the software utility XZ Utils has exposed the fragile human foundations on which the modern internet is built.