ActiveState Unifies 79M Components to Launch World's Largest Secure Open Source Catalog

ActiveState, a global leader in open source language solutions and secure software supply chain management, today announced it has grown its catalog of secure open source components to 79 million, ...
Infosecurity-magazine.com

Researchers Uncover 454,000+ Malicious Open Source Packages

Security researchers have warned that the open source ecosystem has become a “structural risk,” after revealing another surge in malicious packages last year. Sonatype said in its 2026 State of the ...
ZDNet

10 open-source apps I recommend every Windows user download - for free

If Windows is your preferred operating system, consider these open-source apps. There are numerous open-source apps available for almost any task. These are all free to install and use on Windows.
Kotaku

Steam Game Devs Call Exploit Allegations ‘Clickbait Exaggeration’ And ‘Malicious ...

The developers behind a popular “open source MMO RTS sandbox game for programming enthusiasts” on Steam, named Screeps: World, have been forced to update their game “in order to protect both players” ...
The Hacker News

ThreatsDay Bulletin: OpenSSL RCE, Foxit 0-Days, Copilot Leak, AI Password Flaws & 20+ Stories

ThreatsDay Bulletin tracks active exploits, phishing waves, AI risks, major flaws, and cybercrime crackdowns shaping this week’s threat landscape.
Business Insider

ReversingLabs 2026 Software Supply Chain Security Report Identifies 73% Increase in ...

CAMBRIDGE, Mass., Jan. 27, 2026 (GLOBE NEWSWIRE) -- ReversingLabs (RL), the trusted name in file and software security, today released its fourth annual Software Supply Chain Security Report. The 2026 ...
ZDNet

7 open-source apps I'd happily pay for - because they're that good

There are tons of brilliant open-source apps. You'll find open-source titles for Linux, MacOS, and Windows. Some of these apps are so good, they should have a price tag. Since I started my journey ...
Bleeping Computer

Hackers exploit security testing apps to breach Fortune 500 firms

Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such as DVWA, OWASP Juice Shop, Hackazon, and bWAPP, to gain access to cloud ...
InfoWorld

Unplugged holes in the npm and yarn package managers could let attackers bypass defenses ...

A researcher at Koi Security says the two key platforms have not plugged the vulnerabilities enabling the worm attacks, and ‘the JavaScript ecosystem deserves better.’ Javascript developers should ...
XDA Developers on MSN

Please stop using OpenClaw, formerly known as Moltbot, formerly known as Clawdbot

It could cause you a lot of problems.
CBS News

House amends funding package to repeal law allowing senators to sue for $500k, jamming ...

Washington — The House approved an amendment to a must-pass funding package Thursday that would repeal a controversial provision that allows senators to sue for $500,000 if federal investigators ...
The Hill

GOP senators open to splitting off DHS funding to pass other key spending bills

A group of Republican senators is open to splitting the Homeland Security appropriations measure off from a six-bill government funding package that needs to pass by Friday to avoid a partial ...