InfoWorld

Open source maintainers are being targeted by AI agent as part of ‘reputation farming’

“Once contribution and reputation building can be automated, the attack surface moves from the code to the governance process around it. Projects that rely on informal trust and maintainer intuition ...
Computer Weekly

More social engineering attacks on open source projects observed

The Open Source Security Foundation (OpenSSF) and the OpenJS Foundation, which back multiple JavaScript-based open source software (OSS) projects, have warned that the attempted social engineering ...
Insider Monkey

How Open-Source Projects are Shaping the Software Development Industry

In the past 20 years, open source software (OSS) has radically changed software development. Open source has gone from being a niche movement to mainstream and is now a core part of the commercial and ...
InfoWorld

Report finds few open source projects actively maintained

Sonatype’s annual software supply chain analysis finds open source project maintenance in decline, while 1 in 8 open source downloads have a known risk. A recent analysis accounting for nearly 1.2 ...
ZDNet

Google expands open-source bounties, will soon support Javascript fuzzing too

Google has expanded its OSS-Fuzz Reward Program to offer rewards of up to $30,000 for researchers who find security flaws in open-source programs. The expanded scope of the program now means the total ...
ZDNet

Facebook's Meta is transferring the 'most used' JavaScript test framework to OpenJS Foundation

Meta is transferring its popular open-source JavaScript testing framework, Jest, to the OpenJS Foundation. Jest is one of Meta's top open-source projects and has proven a popular tool for testing ...
VentureBeat

Node.js and JS foundations are merging to form OpenJS

The Linux Foundation today unveiled several major collaborative partnerships as it looks to cement the development of various open source projects that power much of the web. The OpenJS Foundation ...