Head Topics

Securing open source software: Whose job is it, anyway?

United Kingdom News News

Securing open source software: Whose job is it, anyway?
United Kingdom Latest News,United Kingdom Headlines
  • 📰 TheRegister
  • ⏱ Reading Time:
  • 40 sec. here
  • 2 min. at publisher
  • 📊 Quality Score:
  • News: 19%
  • Publisher: 61%

CISA announces more help, and calls on app makers to step up

On the government side of things, this includes a voluntary threat intelligence sharing program between the Feds and open source software developers and operators, which the US Cybersecurity and Infrastructure Security Agency will lead.

The Rust Foundation will develop public key infrastructure for the crates.io package repository for mirroring and binary signing. The organization also published a threat model for crates.io and tools to identify malicious packages.When it launched in April 2023, Trusted Publishing supported GitHub. At the summit, the Python Software Foundation revealed it will soon support GitLab, Google Cloud and ActiveState.. Plus, it's finalizing index support for digital attestations.

"And while the Log4Shell vulnerability might have been a big wakeup call for many in government, it demonstrated what this community has known and warned about for years: due to its widespread deployment, the exploitation of OSS vulnerabilities becomes more impactful," she added.

We have summarized this news so that you can read it quickly. If you are interested in the news, you can read the full text here. Read more:

TheRegister /  🏆 67. in UK

United Kingdom Latest News, United Kingdom Headlines

Similar News:You can also read news stories similar to this one that we have collected from other news sources.

Cybercrime crew Magnet Goblin bursts onto the scene exploiting Ivanti holesCybercrime crew Magnet Goblin bursts onto the scene exploiting Ivanti holesPlus: CISA pulls plug on couple of systems feared compromised
Read more »

Kieran Maguire reveals FFP impact on Newcastle United securing monster Dan Ashworth feeKieran Maguire reveals FFP impact on Newcastle United securing monster Dan Ashworth feeThe inside track on the football stories that matter
Read more »

How much Cristiano Ronaldo has earned in Saudi Pro League so far since leaving Man UtdHow much Cristiano Ronaldo has earned in Saudi Pro League so far since leaving Man UtdCristiano Ronaldo has earned an enormous amount since securing a transfer to the Saudi Pro League.
Read more »

Floral tributes to man whose 'powerful mind caused more pain than happiness'Floral tributes to man whose 'powerful mind caused more pain than happiness'Johnny Baker, who died in a collision on the A6011 near Gamston Lock, was described as a 'beautiful soul, outstandingly handsome, cheeky and hilariously funny'
Read more »

The Glasgow sex workers whose murders remain unsolvedThe Glasgow sex workers whose murders remain unsolvedEmma Caldwell's murderer is finally behind bars but the killers of four other women have never been caught.
Read more »

Did Lewis Hamilton confirm Mercedes' interest in Max Verstappen with 'on the list' comment?Did Lewis Hamilton confirm Mercedes' interest in Max Verstappen with 'on the list' comment?Has Lewis Hamilton confirmed that Mercedes are interested in securing Max Verstappen's services?
Read more »



Render Time: 2025-02-21 12:58:24