Black Duck
What 2024 taught us about security vulnerabilties
From zero-day exploits to weaknesses in widely used software and hardware, the vulnerabilities uncovered last year underscore threat actors’ tactics and the critical …
Critical vulnerabilities persist in high-risk sectors
Finance and insurance sectors found to have the highest number of critical vulnerabilities, according to Black Duck. Finance and insurance industry faces highest …
Open source security: The risk issue is unpatched software, not open source use
Many of the trends in open source use that have presented risk management challenges to organizations in previous years persist today. However, new data also suggest that an …
The percentage of open source code in proprietary apps is rising
The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging …
Preventing good containers from going bad
Containers go bad everyday, and often without warning. All it takes is one CVE impacting an image, and now all containers deployed using this image are at an increased level …
Organizations are not effectively dealing with open source security threats
Black Duck conducts hundreds of open source code audits annually, primarily related to Merger & Acquisition transactions. Its Center for Open Source Research & …
Featured news
Resources
Don't miss
- AI hallucinations and their risk to cybersecurity operations
- Why EU encryption policy needs technical and civil society input
- Hanko: Open-source authentication and user management
- Inside MITRE ATT&CK v17: Smarter defenses, sharper threat intel
- CISA: Recently fixed Chrome vulnerability exploited in the wild (CVE-2025-4664)