Open source, open risks: The growing dangers of unregulated generative AI

While mainstream generative AI models have built-in safety barriers, open-source alternatives have no such restrictions. Here’s what that means for cyber crime. There’s little doubt that open-source is the future of software. According to the 2024 State of Open Source Report, over two-thirds of businesses increased their use of open-source software in the last year. […]

The post Open source, open risks: The growing dangers of unregulated generative AI appeared first on Security Intelligence.

Continue reading Open source, open risks: The growing dangers of unregulated generative AI

XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor

Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat. Continue reading XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor

Google Offers Bug Bounties for Generative AI Security Vulnerabilities

Google’s Vulnerability Reward Program offers up to $31,337 for discovering potential hazards. Google joins OpenAI and Microsoft in rewarding AI bug hunts. Continue reading Google Offers Bug Bounties for Generative AI Security Vulnerabilities

Top 10 open-source security and operational risks of 2023

Many software companies rely on open-source code but lack consistency in how they measure and handle risks and vulnerabilities associated with open-source software, according to a new report.
The post Top 10 open-source security and operational risks o… Continue reading Top 10 open-source security and operational risks of 2023

What is Microsoft’s Secure Supply Chain Consumption Framework, and why should I use it?

Microsoft has open sourced its framework for managing open source in software development.
The post What is Microsoft’s Secure Supply Chain Consumption Framework, and why should I use it? appeared first on TechRepublic.
Continue reading What is Microsoft’s Secure Supply Chain Consumption Framework, and why should I use it?

Announcing Synopsys as an OpenChain Project third-party certifier

Synopsys can measure the maturity of security activities within an open source management framework in compliance with the OpenChain standard and ISO/IEC 5230:2020.
The post Announcing Synopsys as an OpenChain Project third-party certifier appeared f… Continue reading Announcing Synopsys as an OpenChain Project third-party certifier

What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report

As the use of open source has grown, so has the number of vulnerabilities. Uncover the latest findings from the 2021 OSSRA report.
The post What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report appeared first on Software Integrity Bl… Continue reading What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report

Open source license compliance and dependencies: Peeling back the licensing layers

How can you successfully navigate open source license compliance? Start with the right tools to identify your dependences and calculate their risks.
The post Open source license compliance and dependencies: Peeling back the licensing layers appeared … Continue reading Open source license compliance and dependencies: Peeling back the licensing layers

AppSec Decoded: Why organizations can’t ignore open source security

In this AppSec Decoded interview, we discuss the security and legal risks companies face when open source security vulnerabilities are ignored.
The post AppSec Decoded: Why organizations can’t ignore open source security appeared first on Software In… Continue reading AppSec Decoded: Why organizations can’t ignore open source security

Assessing the state of mobile application security through the lens of COVID-19

Are today’s mobile apps secure or do they offer opportunities for attackers? Learn about the state of mobile application security in our new report.
The post Assessing the state of mobile application security through the lens of COVID-19 appeared fir… Continue reading Assessing the state of mobile application security through the lens of COVID-19