A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...
Business Wire

Checkmarx Expands Software Supply Chain Security with Advanced Secrets Detection and Repository Health

PARAMUS, N.J.--(BUSINESS WIRE)--With the vast majority of development teams using open source software and employing agile development, Checkmarx, the industry leader in cloud-native application ...
Guru3D

Malicious VS Code Extension Linked to Theft of 3,800 GitHub Repositories

A reported software supply chain attack involving a malicious Visual Studio Code extension has exposed the growing security ...
VentureBeat

GitLab acquires software chat startup Gitter, will open-source the code

GitLab, a startup that provides open source and premium source code repository software that people use to collaborate on software, is announcing today that it has acquired Gitter, a startup that ...
VentureBeat

Atlassian Bitbucket now lets you deploy code to AWS, Microsoft Azure, DigitalOcean

Atlassian, an Australian software company preparing to go public on the NASDAQ, is announcing today that developers can now deploy code from Atlassian’s Bitbucket source code repository software onto ...
CSOonline

Google to launch repository service with security-tested versions of open-source software packages

The paid Assured Open Source Software service will offer common open-source packages after vetting the provenance of its code and dependencies. Developers across the enterprise space are concerned ...
ZDNet

10 trillion downloads are crushing open-source repositories - here's what they're doing about it

Open-source repositories are collapsing under the strain of 10 trillion downloads annually. All the major repositories are joining together to tackle this problem. While a lack of funds is a major ...