Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...

How AI and politics hampered the secure open-source software movement

In November 2021, a zero-day vulnerability in a ubiquitous piece of open-source code stunned the technology industry and set ...
ZDNet

Canonical's OpenJDK builds promise Java devs more speed - and a whopping 12 years of ...

With Ubuntu Pro, Canonical's OpenJDK build includes 12 years of support. 'Chiseled' builds are faster, more secure than other OpenJDK builds. Canonical is aligning Ubuntu's and OpenJDK's release ...
Computer Weekly

The hidden security risks of open source AI

Open source AI is gaining momentum across major players. DeepSeek recently announced plans to share parts of its model architecture and code with the community. Alibaba followed suit with the release ...