SiliconANGLE

New repository aims to illuminate open-source package vulnerabilities and malicious code

The Open Source Security Foundation today launched its Malicious Packages Repository, an open-source system for collecting and publishing cross-ecosystem reports of malicious packages. Claimed to be ...
Ars Technica

Using repositories vs complie from source

I've been learning two methods for installing applications in Linux, compile from source, or install using a repository. The second method is much easier but I wonder what is really the suggested ...
CSOonline

Dependency confusion explained: Another risk when using open-source repositories

Dependency confusion is a newly discovered logic flaw in the default way software development tools pull third-party packages from public and private repositories. Attackers can take advantage of this ...
ZDNet

OSDL considers open-source code repository

Open Source Development Labs, which promotes the adoption of the Linux operating system, has revealed potential plans for a repository of open-source code which could be used by the patent industry to ...
Benzinga.com

China's DeepSeek To Open-Source Key Code Repositories In A Bid For Full Transparency

AI startup DeepSeek announced plans to open-source five of its code repositories, a move aimed at fostering transparency and community-driven innovation. A code repository is a centralized storage ...

Anthropic says its leak-focused DMCA effort unintentionally hit legit GitHub forks

“The repo named in the notice was part of a fork network connected to our own public Claude Code repo, so the takedown reached more repositories than intended,” an Anthropic spokesperson told ...
Computerworld

Should open-source repositories block nations under U.S. sanctions?

Arabcrunch has accused major open-source repository SourceForge of blocking all access to software projects it hosts for anyone in Syria, Sudan, Iran, North Korea and Cuba. Not surprisingly, this ...