Opinion
Infosecurity MagazineOpinion

Open Source is the Tip of the Iceberg: Why Proprietary Software, Hardware and Protocols Face Greater AI-Driven Security Risk

Project Glasswing scans open-source code for vulnerabilities. But open source was already the most scrutinized software on earth. The real exposure is everywhere else ...

Warp is going open source and wants you to improve its coding tools with AI

While other open-source projects are rejecting vibe-coded contributions, Warp wants to accept AI code in a managed way.
Dark Reading

Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects

A pair of security vulnerabilities discovered in the GitHub environments of two very popular open source projects from Apache and Google could be used to stealthily modify project source code, steal ...
Infosecurity-magazine.com

Majority of Critical Open Source Projects Contain Memory Unsafe Code

More than half (52%) of critical open source projects contain code written in a memory-unsafe language, according to a new analysis by the Cybersecurity and Infrastructure Security Agency (CISA) in ...
The Next Web

Lovable left thousands of projects exposed for 48 days, and the vibe coding security crisis is only getting worse

Summary: Lovable, the $6.6 billion vibe coding platform with eight million users, has faced three documented security incidents exposing source code, database credentials, and thousands of user ...
Bleeping Computer

CISA: Most critical open source projects not using memory safe code

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. The report, cosigned ...