#opensourcesecurity 검색 결과

Chinese threat actors are weaponizing open-source tools for stealthier attacks — blurring lines between community innovation and covert operations. 🧰🐉 #OpenSourceSecurity #ThreatActor buff.ly/7JPElpV

Open source = innovation. But it’s also a growing attack surface. Open-source malware is on the rise! Download our whitepaper: it shows how to detect, block & prevent these threats ➡️xygeni.io/download-white… #AppSec #OpenSourceSecurity #SupplyChainSecurity #DevSecOps #Xygeni

In the shadowy world of code, a new beast lurks: Vibe Coding. As developers swap to AI-generated code, they open Pandora's box of cyber threats. Will we survive this dystopian #OpenSourceSecurity nightmare? #AI #CyberSecurity wired.com/story/vibe-cod…...

Recent study on npm security reporting: from 10.9M GitHub issues across 37k repos, only 0.13% were tagged “security”—yet a vetted classifier surfaced 1.62M security issues (14.8%). CVE refs sped closure; bots often increased staleness. arxiv.org/abs/2506.07728 #OpenSourceSecurity…

Developer playbook for the npm supply chain attack 2025: OIDC + trusted publishing, ignore-scripts, dependency freeze, maintainer allowlists, SBOM gates, mirror registry. cybersrely.com/npm-supply-cha… #npm #OpenSourceSecurity #GitHubActions #SLSA #SBOM

AuditKit v0.6.0 live: CMMC Level 1 ready (17 practices) Nov 10, 2025 deadline tracking ScubaGear integration framework AWS + Azure support Defense contractors: Level 1 free, Level 2 (110 practices) on request. #CMMC #compliance #opensourcesecurity github.com/guardian-nexus…

5) The future of data management is here: secure, transparent, and community-driven. Stay ahead of the curve by embracing open-source solutions. #OpenSourceSecurity #Major #Tech #Europe #Military #Austria #Microsoft #LibreOffice #Security #Concern

GitHub is rolling out mandatory stronger auth and short-lived tokens to harden npm publishing after recent supply chain attacks. Expect FIDO 2FA and seven-day token limits. #SupplyChainSecurity #OpenSourceSecurity #npm #GitHub #2FA #FIDO2 #DevSecOps #CICD #TokenSecurity

LibTIFF CVE-2025-9900: Patch Guidance A new write-what-where flaw in LibTIFF allows attackers to corrupt memory and possibly gain control. Patch ASAP to avoid risk. For more details, read ZeroPath's blog on this vuln. #AppSec #InfoSec #OpenSourceSecurity…

Xygeni SCA: Open Source Security Secure your open-source dependencies, without slowing devs down. ➡️ xygeni.io/open-source-se… 💠 Catch vulns early, Block malware at install, Auto-fix with smart PRs, Prioritize with real context & more. #OpenSourceSecurity #AppSec #DevSecOps

GitHub announced a comprehensive plan to enhance npm security following recent attacks, implementing trusted publishing and strengthening authentication practices to protect the open source ecosystem and mitigate future risks. #npm #OpenSourceSecurity github.blog/security/suppl…

☀️ Three amazing days of sunny weather, beach vibes, and brilliant ideas shared between students and industry partners at the ORSHIN Summer School 🌊💡 Thanks to everyone who joined and made this summer school a unique experience! 👏 #OpenSourceSecurity #ORSHIN

Learn how EU Cyber Resilience Act impacts open source security in our latest blog post! #CyberResilience #OpenSourceSecurity sprou.tt/1MRguVyPCJo

Arkime: Open-Source Network Analysis & Packet Capture Tool digitrendz.blog/?p=46550 #arkime #NetworkAnalysis #OpenSourceSecurity #PacketCapture

Effective open source vulnerability remediation and license compliance require systematic processes. Here's how we do it 👉 conclusive.tech/blog/open-sour… #OpenSourceSecurity #CyberSecurity #EmbeddedSystems

Open-source risks hide in every codebase. Our eBook Advanced Software Composition Analysis shows how to detect, prioritize & mitigate OSS threats across the SDLC. Download it now ➡️ xygeni.io/download-ebook… #DevSecOps #SCA #OpenSourceSecurity

☀️ Three amazing days of sunny weather, beach vibes, and brilliant ideas shared between students and industry partners at the ORSHIN Summer School 🌊💡 Thanks to everyone who joined and made this summer school a unique experience! 👏 #OpenSourceSecurity #ORSHIN

"Security Issues in Open Source Projects" webinar has just started 🚀 Join Us!👉t.ly/e1YFu #OpenSourceSecurity #DevSecOps 💻

Years I've been screaming about the inherent risks in open source. Billions in system prompts exposed? This ain't a surprise. Security by obscurity is a fool's game. When will the industry truly prioritize secure coding practices? #OpenSourceSecurity #Cybersecurity

🔒 Uncover the intricacies of Open Source Project Security in our latest webinar! 🌐 Explore risks, evolving strategies, and key tools like Snyk, Veracode, Sonatype, SonarSource, and GitHub dependabot. Register👉t.ly/e1YFu #OpenSourceSecurity #DevSecOps 🚀💻

As a Security boy, I don do my contribution. Wait for update….. #OpenSourceSecurity

#freesoftware #opensource #opensourcesecurity ! ⬅️😅 System Programming is one the most complex/hardest jobs in the world. Why you think it/parts of it should be free ?! “When a pipe fitter worked just one minute free for me, I’ll type a free character for you !”

🚨 Security pros! Got an open-source project that can change the game? Black Hat's Call for Tools is your chance to showcase it. Let’s make the cyber world safer together. @toolswatch Submit now! #BlackHat #OpenSourceSecurity #CallForTools: usa-arsenal-cfp.blackhat.com

🌐 @OpenSSF is driving the future of #OpenSourceSecurity! 🛡️ Get involved: 💌 Newsletter: hubs.la/Q02rklDq0 📊 Education Survey: hubs.la/Q02rkHSm0 💬 Join our Slack: hubs.la/Q02rkf2M0

【6/2 日本橋＋オンライン】OSSセキュリティMeetup 世界最大規模のオープンソースカンファレンス Open Source Summit NAで開催された #OpenSSFDay のイベントレポートをいち早くお届けします！ 交流会もあります、ぜひご参加ください 登録 : hubs.la/Q01Qkskl0 #opensourcesecurity

Amazing discussion around #opensourcesecurity #softwaresecurity between @mehimansu @juliangordonhk8 at @openssf meet @CRED_club @snyksec

🚨 Attention Open Source Maintainers! 🚨 The Open Source Security (OpenSSF) and @OpenJS Foundations have issued a critical alert due to a recent attempted takeover of the XZ Utils project. ➡ hubs.la/Q02sNZSk0 #OpenSourceSecurity

Overexposed to risk with public images? Get @ActiveState's free secure containers—rebuilt, scanned, and now on Docker Hub. 🛡️ Cut out CVEs and patching hassle. Just pull, trust, and deploy: thn.news/activestate-do… #DevSecOps #OpenSourceSecurity

📆 Happening this Friday at @BSides_ABQ: @KadiGrigg will be taking the stage for her talk - Trail Blazing: Lessons from the Oregon Trail for a Secure Software Supply Chain. Learn more: bit.ly/410BILC #BSidesABQ #AppSec #OpenSourceSecurity

BeVigil uncovered exposed Apache ActiveMQ instances using default credentials, posing severe risks like RCE. Open-source security is crucial for organizations. 🔒💻 #OpenSourceSecurity #RemoteCodeExecution #India link: ift.tt/guKlyFM

🚨 Open source = new battleground. @sonatype blocked 234 Lazarus Group malware packages posing as dev tools on npm & PyPI. 📦 Used to steal secrets & persist in CI/CD pipelines. “Trust in open source is not immune to exploitation.” — Sonatype #LazarusGroup #OpenSourceSecurity…

#LinuxSecuritySummit is the home of all things #OpenSourceSecurity. Join us in Vancouver, Canada on May 10-12 for this highly technical forum designed for #Linux #developers, #researchers & end users. Save US$75 when you register by March 21! hubs.la/Q01FGwy60 #OpenSource

Custom containers, zero headaches. @ActiveState builds and scans your stack from OS to app—SBOM, low-to-no CVEs, ready for your CI/CD. Own your security. Stop inheriting risk. Customize Your Container → thn.news/activestate-co… #DevSecOps #OpenSourceSecurity

Hackers have compromised several widely used JavaScript packages, injecting malicious code to steal cryptocurrency from users. . Read more:buff.ly/fUxCISd #CyberCrime #OpenSourceSecurity

𝐎𝐩𝐞𝐧 𝐒𝐨𝐮𝐫𝐜𝐞 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐚𝐧𝐝 𝐆𝐞𝐧𝐞𝐫𝐚𝐭𝐢𝐯𝐞 𝐀𝐈 Check out this past featured webinar! 🔍 buff.ly/0BYZ88Q #opensource #opensourcesoftware #opensourcesecurity #generativeai #genAI #AI #sourcecode #cybersecurity #ThrowbackThursday