Open source maintainers are right to be concerned about AI slop, but banning AI-generated code outright is a huge mistake.

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...

Apache® Magpie provides open source maintainers with platform infrastructure for agent-assisted repository maintainershipWilmington, DE, June 30, 2026 (GLOBE NEWSWIRE) -- The Apache Software ...

Hannah Dacayanan of UnitedLex discusses ways in which automated software composition analysis tools identify open source ...

Chainguard is expanding Repository with new policy controls, malware and greyware scanning, and support for Java, Python, and container artifacts-helping organizations govern software consumption ...

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...

When AI-assisted vulnerability discovery makes it dramatically easier to identify weaknesses hidden inside modern dependency ...

Block deployed the Builderbot agent framework across its codebase to automate complex cross-service software development ...

Microsoft shut down dozens of GitHub code repositories for Azure and AI coding tools after a reported hack.

Malicious apps got into the Arch User Repository - how to protect yourself ...

U.S. Market to Expand USD 552.89 Million by 2035, While Europe is Projected to Reach USD 1.58 Billion Amid Rising SBOM and Cyber Resilience Compliance RequirementsAustin, June 24, 2026 (GLOBE NEWSWIRE ...

A recent — and likely massive — breach at Novo Nordisk, where attackers reportedly gained an initial foothold using a single GitHub access token, underscores how code repositories and developer ...