Open Source

Industry groups push to keep open-source measures in annual intelligence bill

They’re backing provisions in the House version of the Intelligence Authorization Act. But multiple intelligence community elements are hesitant about the measures, people familiar say.

  • By David DiMolfetta
Exclusive

Report: Russia-based Yandex employee oversees open-source software approved for DOD use

The package is listed inside Platform One’s Iron Bank, a vetted Defense Department software repository, people familiar say.

  • By David DiMolfetta

DARPA unveils winners of AI challenge to boost critical infrastructure cybersecurity

The AI Cyber Challenge aims to accelerate the distribution of open-source AI models to help patch the code that powers major infrastructure like water treatment plans and power grids. Four of the open-source models have already been made available for use.

  • By David DiMolfetta

Foreign adversaries are trying to weaponize open-source software, report finds

Hacking units affiliated with nation-state adversaries are subtly contributing to open-source software tools and working to insert backdoors into publicly available code used by millions worldwide, new research says.

  • By David DiMolfetta

National AI Action plan should expand open-source offerings, respondents say

During the open comment period, a multitude of entities — from private sector to academic research bodies — touted the benefits of a robust open-source AI ecosystem.

  • By Alexandra Kelley

Strengthening open source: A roadmap to enhanced cybersecurity

COMMENTARY | Open-source software is a cornerstone of American innovation, underpinning critical infrastructure and driving economic growth.

  • By Joel Krooswyk
Insights & Reports
The Federal Threat: 98% of npm & PyPI Malware Neutralized With a Source-First Approach
Presented By Chainguard
Download Now
AI for Government Legal Teams: What’s Possible
Presented By Filevine
Download Now

Half of critical open source projects contain memory-unsafe code, U.S. cyber agency says

The findings come after recent hijacking attempts into major open-source tools.

  • By David DiMolfetta

New mailing list aims to share hacking attempts on open-source projects

The Siren email list allows members to share active exploitations of open-source projects, fueled by recent attempts to sabotage free-to-use software tooling

  • By David DiMolfetta

Feds beware: New studies demonstrate key AI shortcomings

Recent studies have started to show that there are serious downsides when it comes to such programs’ ability to produce secure code.

  • By John Breeden II

Hackers tried to breach, disable widely used open-source Java tools, groups warn

The alert comes just after a possible nation state entity attempted to hijack an open-source Linux tool last month.

  • By David DiMolfetta

Linux backdoor was a long con, possibly with nation-state support, experts say

If the XZ Utils vulnerability hadn’t been caught in time, hackers would have had a “skeleton key to the world,” one analyst told Nextgov/FCW.

  • By David DiMolfetta

NTIA explores the benefits and risks of open-weight AI models

A new request for information issued by the National Telecommunications and Information Administration will inform regulatory policy on open-weight models.

  • By Alexandra Kelley

Taking open source risks seriously

COMMENTARY | Software bills of materials don't address what tech leaders should actually do to make sure open source components are safe to use.

  • By Aaron Bray
Featured eBooks
Future-Ready Workforce
Read Now

Health Tech

Read Now

AI Applications

Read Now

CISA collaborative weighs in on open source software security

The public-private Joint Cyber Defense Collaborative called on the open source software community to further invest in the development of secure software, tools and technologies.

  • By Chris Riotta

Army hopes big-data techniques can help secure its clouds

“Multifactor authentication will not be enough,” said the Army’s senior cyber leader.

  • By Patrick Tucker

White House looks to shore up open source software security

The Office of the National Cyber Director wants software providers to "contribute back to the security of the open source software they depend upon."

  • By Chris Riotta

How the US is using open-source intel to track Russia's war in Ukraine

Analysts are moving beyond who-what-when-where to "really focusing on the why,” a senior defense intelligence official said.

  • By Lauren C. Williams

House Panel Advances Bills to Boost CISA’s Oversight of Open Source Software, Cyber Training

The two measures, which passed the committee with bipartisan support, would give CISA authority across DHS and the federal government.

  • By Edward Graham

NSF Will Invest Up to $28M for STEM Open-Source Ecosystems

The agency is looking for proposals for two phases to translate open-source products into open-source ecosystems.

  • By Kirsten Errick

Governments View Open Source as Critical for Enhancing Digital Services, Experts Say

The U.S. government is “still in the process of organizing and coordinating” its own strategy around the use of open source software, according to a CISA official.

  • By Edward Graham

Senate Legislation to Secure Open Source Software Relies on Transparency Initiative

Success would depend to a significant degree on whether agencies require vendors of information and communications technology to provide a software bill of materials with their products and services.

  • By Mariam Baksh