Computer Weekly

Virtually all vulnerable open source downloads are avoidable

Open source consumers are downloading about 1.2 billion known vulnerable Java dependencies every month, and whether out of lack of attention, ignorance, stress and overwork or something else, 96% of ...
InfoWorld

Report finds few open source projects actively maintained

Sonatype’s annual software supply chain analysis finds open source project maintenance in decline, while 1 in 8 open source downloads have a known risk. A recent analysis accounting for nearly 1.2 ...