The scale and sophistication of attacks targeting developers, software teams and CI/CD pipelines continued to grow in Q2 2025, with Sonatype reporting a 188% annual increase in malicious open source ...
Tea.xyz has announced their new ecosystem findings highlighting escalating risks across the global open-source software ...
Fulton, Md., July 08, 2025 (GLOBE NEWSWIRE) -- Sonatype®, the end-to-end software supply chain security company, today released the Q2 2025 edition of its Open Source Malware Index, uncovering 16,279 ...
The risks associated with leveraging open source libraries, and the review needed, are increasing. In the first half of 2025, cybersecurity researchers observed a sharp rise in the incidence of ...
A new report out today from software supply chain security firm Sonatype Inc. details how the infamous North Korea-backed hacking group Lazarus has intensified its cyber espionage operations by ...
SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...
Malicious open-source packages are an unseen but rapidly growing threat to the U.S. government. A 92% spike in identified malicious packages from 2022–2024 underscores the urgency. This e-book equips ...
Software supply chain management firm Sonatype Inc. today said it found a sharp rise in malicious activity targeting software developers and supply chains in the second quarter. The company’s Q2 2025 ...
I don’t know if you’ve paid attention, but installing apps on a PC can be a real pain. While the Microsoft Store is the safest and easiest way to install apps, there are way too many issues to ignore, ...
SAN FRANCISCO, June 6, 2025 /PRNewswire/ -- Today, the Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the launch of the FAIR Package Manager ...