Anaconda Inc., the developer of an open-source data science platform, today announced a unified artificial intelligence development platform purpose-built for use with open-source software. The ...
Attackers uploaded fake Python packages to PyPI that posed as Bitcoinlib tools and targeted wallet data. The malware infected crypto development environments, stole private keys and seed phrases and ...
The risks associated with leveraging open source libraries, and the review needed, are increasing. In the first half of 2025, cybersecurity researchers observed a sharp rise in the incidence of ...
Over half of the malware Sonatype discovered in Q1 2025 was designed to exfiltrate sensitive information from infected systems, the company said. Software supply chain security company Sonatype ...
Malicious open-source packages are an unseen but rapidly growing threat to the U.S. government. A 92% spike in identified malicious packages from 2022–2024 underscores the urgency. This e-book equips ...
Due to automation and a high-reward, low-risk threat environment, open source malware increased 188% year over year in the second quarter of this year. Supply-chain security vendor Sonatype today ...
A self-replicating malware is worming its way into open source software components. The malware's name is "Shai-hulud," presumably taking its name from the Dune sandworms, and it's particularly ...
North Korean threat actors have distributed over 200 malicious open source packages in an audacious new cyber-espionage campaign, according to Sonatype. The security vendor blocked 234 unique npm and ...
SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations ...