TechRepublic

350,000 open source projects at risk from Python vulnerability

Cybersecurity company Trellix announced Wednesday that a known Python vulnerability puts 350,000 open-source projects and the applications that use them at risk of device take over or malicious code ...
Computer Weekly

15-year-old Python bug present in 350,000 open source projects

A 15-year-old vulnerability in the open source Python programming language is still finding its way into live code, with the result that over 350,000 projects are at risk of potential supply chain ...
Bleeping Computer

PyPI mandates 2FA for critical projects, developer pushes back

On Friday, the Python Package Index (PyPI), the official repository of third-party open-source Python projects announced plans to mandate two-factor authentication requirement for maintainers of ...

Two different attackers poisoned popular open source tools - and showed us the future of ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...
ZDNet

How fake security reports are swamping open-source projects, thanks to AI

You'd think artificial intelligence (AI) is a boon for developers. After all, a recent Google survey found that 75% of programmers rely on AI. On the other hand, almost 40% report having "little or no ...
TechCrunch

Open source projects draw equity-free funding from corporates, startups, and even VCs

A dearth of funding for vital open source technologies is leading to a swath of support from startups, unicorns, corporations, and even venture capital firms. “It goes without saying that this holds ...