Dark Reading

How Hackers Infiltrate Open Source Projects

The open source software that the vast majority of organizations include in their critical applications is vulnerable to exploitation from threat actors taking part in its creation. That's the message ...
ZDNet

Open-source security: Zip Slip critical flaw hits thousands of projects. Update now

Security firm Snyk has disclosed a widespread and critical flaw in multiple archive file-extraction libraries found in thousands of open-source web application projects from HP, Amazon, Apache, Oracle ...