Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.

OpenSSF

work
The 6 challenges your business will face in implementing MLSecOps

Organizations that don’t adapt their security programs as they implement AI run the risk of being exposed to a variety of threats, both old and emerging ones. MLSecOps …

framework
Cybersecurity Skills Framework connects the dots between IT job roles and the practical skills needed

The Linux Foundation, in collaboration with OpenSSF and Linux Foundation Education, has released the Cybersecurity Skills Framework, a global reference guide that helps …

open source
OSPS Baseline: Practical security best practices for open source software projects

The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security …

software
One-third of dev professionals unfamiliar with secure coding practices

Attackers consistently discover and exploit software vulnerabilities, highlighting the increasing importance of robust software security, according to OpenSSF and the Linux …

Authelia
Authelia: Open-source authentication and authorization server

Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, …

Dana Wang
Establishing a security baseline for open source projects

In this Help Net Security interview, Dana Wang, Chief Architect at OpenSSF, discusses the most significant barriers to improving open-source software security (OSS security) …

Protobom
Protobom: Open-source software supply chain tool

Protobom is an open-source software supply chain tool that enables all organizations, including system administrators and software development communities, to read and …

open source
New open-source project takeover attacks spotted, stymied

The OpenJS Foundation has headed off a “credible takeover attempt” similar to the one that resulted in a backdoor getting included in the open-source XZ Utils …

Omkhar Arasaratnam
Transitioning to memory-safe languages: Challenges and considerations

In this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation (OpenSSF), discusses the evolution of memory-safe programming …

open source security
Securing software repositories leads to better OSS security

Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool …

White House
White House launches AI Cyber Challenge to make software more secure

The Biden-Harris Administration has launched a major two-year competition using AI to protect the United States’ most important software, such as code that helps run the …

AI
Popular generative AI projects pose serious security threat

Many popular generative AI projects are an increased security threat and open-source projects that utilize insecure generative AI and LLMs also have poor security posture, …

Featured news

Resources

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools