White House hosts open-source software security summit in light of expansive Log4j flaw
The meeting will combine tech leaders with feds.
Hackers try to bug PHP programming language in supply chain cautionary tale
79% of websites use PHP, according to one estimate.
GitHub removes researcher's Exchange Server exploit, sparking industry debate
As debate over security research ethics rages on, so, too, do the compromises of organizations running vulnerable Exchange Server software.
Tech titans throw weight behind WhatsApp allegations in NSO surveillance lawsuit
Major firms are joining ranks against NSO.
How GitHub untangled itself from the ‘Octopus’ malware that infected 26 software projects
It's an example of the potentially insidious nature of open-source supply chain compromises.
NSA's reverse-engineering malware tool, Ghidra, to get new features to save time, boost accuracy
The spy agency says it has listened to feedback from users and is integrating some of those ideas into the software.