Dark Reading

Dependency Problems Increase for Open Source Components

The average software application depends on more than 500 open source libraries and components, up 77% from 298 dependencies in two years, highlighting the difficulty of tracking the vulnerabilities ...
MUO on MSN

5 commands to quickly fix broken packages in Linux

Unlock the potential of your Linux package manager and say goodbye to broken dependencies.
techtimes

Top 5 Software Composition Analysis Tools for 2025

Software Composition Analysis, or SCA, is a type of software security tool that focuses on analyzing open-source components within a codebase. When developers create software, they often include ...
Dark Reading

Only 3% of Open Source Software Bugs Are Actually Attackable, Researchers Say

With vulnerability-management workloads ballooning in the era of heightened software supply chain security risks, a study out today suggests that only about 3% of today’s flaws are actually reachable ...
CSOonline

AI development pipeline attacks expand CISOs’ software supply chain risk

Malicious campaigns targeting code used by developers of AI applications underscore the need to develop comprehensive risk-based programs around software dependencies and components. Widespread flaws ...
Security

Endor Labs releases report on open-source software dependency management

Endor Labs today released The 2024 Dependency Management Report, which consolidates extensive original and third-party research into the current state of security in the software dependency lifecycle ...
Linux Journal

The Evolution of Linux Package Management and Its Impact on Modern Computing

If you’ve ever used a modern Linux distribution, you’ve likely experienced the convenience of installing and updating software with a single command. Package managers, the tools behind this ease of ...