Threat Post

Code Reuse a Peril for Secure Software Development

Open source and third-party software bugs haunt even the best developers’ projects, despite the industry’s best efforts to avoid them. The amount of insecure software tied to reused third-party ...
PC World

Ubuntu, ownCloud, and a hidden dark side of Linux software repositories

The version of ownCloud in Ubuntu’s Universe repositories is old and full of “multiple critical security vulnerabilities.” It’s no secret. The ownCloud project itself asked Ubuntu to remove it so ...

The new engineering workflow may involve more than humans

As AI agents move deeper into software development, many engineering teams are starting to rethink what developers actually ...
The Caledonian-Record

Sonatype Firewall Extends Malicious Package Protection to Any Repository

Sonatype ®, the control plane for agentic software development, today expanded Sonatype Firewall protections to help organizations block malicious open source packages ...
Dark Reading

Leaked Development Secrets a Major Issue for Repositories

More than 5,000 passwords, private keys, and other development "secrets" are leaked every day when programmers push code to online repositories — a year-over-year increase of 20% that also makes the ...