Security

There is a notable increase in tension between application security workers and application developers over consensus on cloud-native needs, in addition to a growing concern about retaining developer talent in this context.

Researchers reveal a novel security risk as hackers exploit generative AI's 'hallucinations' to deliver malicious code into a company's development environment, posing a growing threat to enterprise security.

A significant portion of the focus for the Red Hat Software Summit held in Boston this week are three core products designed to meet the growing demands for better software security and government regulations requiring enhanced application security across all industries.

New cyber research connects the infamous North Korea-aligned Lazarus Group behind the Linux malware attack called Operation DreamJob to the 3CX supply-chain attack.

Companies that established open-source program offices over the last few years now need more C-suite oversight to drive education, awareness, and use of open-source software. That sets the stage for an expanded role of open-source program officers.

2023 might be a volatile year for cybersecurity officers as they deal with the pressures of maintaining a ridged security posture while also dodging the bullet of blame when attacks are successful.

While Linux malware reached never-before-seen numbers in 2022, the total number of new malware developments among other major computing platforms fell.

In the face of economic headwinds and a worsening problem with code vulnerabilities, 2022 was still a successful year for open source and The Linux Foundation.

Troubles with software supply chain safety have recently grabbed a chunk of negative headline space. That, plus the latest open-source industry news.

A large-scale phishing attack built on typosquatting is targeting Windows and Android users with malware. The campaign currently underway uses more than 200 typosquatting domains that impersonate 27 brands to trick web surfers into downloading malicious software to their computers and phones.

Ubuntu Linux users can now grab some free security help to make keeping up with patches and maintenance easier, data scientists express open-source security concerns, and Chainguard has launched the first Linux OS developed for supply chain security.

Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, introduced the legislation that seeks to address open source software risks in government. The proposed Bill, S. 4913, now awaits action by the Committee on Homeland Security and Governmental Affairs.

Cloudflare's Zero Trust SIM is designed to secure every packet of data leaving a mobile device. After it’s installed, the ZT SIM sends network traffic from the device to Cloudflare’s cloud where its Zero Trust security policies can be applied to the data.

As the open-source model continues to prove its sustainability in the enterprise, the software community is ramping up its security mindedness. That concern was evident in recent weeks as leading Linux groups led the way for better code security.