open source development
Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi
Richi Jennings | BIOS, CVE-2023-40547, Enterprise Linux and Open Source, Linux, open source, Open Source and Software Supply Chain Risks, open source code, Open Source Community, open source components, open source development, Open Source Ecosystem, SB Blogwatch, secure boot, shim, UEFI, UEFI Failing, UEFI vulnerabilities
Snow joke: A Microsoft researcher found it—and it’s somehow Microsoft’s fault ...
Security Boulevard
Unveiling BlazeStealer Malware Python Packages on PyPI
Wajahat Raja | BlazeStealer Malware, code obfuscation, Crypto-Themed npm Modules, Cyber Threats, Cybersecurity News, Cybersecurity Threat, data theft, developers, Discord Bot, Geographic Impact, Malicious Modules, open source development, Package Vetting, Phylum, Proactive Cybersecurity, PyPI, Python Packages, security breach, software supply chain security, Vigilance
In a recent revelation, a cluster of malicious Python packages has infiltrated the Python Package Index (PyPI), posing a significant threat to developers’ systems by aiming to pilfer sensitive information. These deceptive ...
Software dependencies: A beginner’s guide
An overwhelming majority of modern software development utilizes open source software components. Individual components rarely operate in isolation. When one component relies on another to work properly, that is defined as a ...
Smarter policy and advanced component search with Nexus Lifecycle updates
In March, we talked about improvements to the Nexus Lifecycle policy tools and waivers. This month we’ve taken another step forward with better policy and waiver controls. This update helps development teams ...
New Developer Tools for Open Source Dependency Management
Sonatype's focus on developers brings more insights into software dependencies, clearer policy exceptions, and support for PHP users. This Nexus platform update will help developers more easily remediate vulnerable open source usage ...
How to Become an OSS Champion
Katie McCaskey | DevOps culture, News and Views, open source development, open-source-software, Post developers/devops
Open source software components yield a competitive marketplace advantage. So why do some development teams resist and rebel? ...