5 ways to spot software supply chain attacks and stop worms - before it's too late

A Dune-inspired worm recently hit CrowdStrike and npm, infecting hundreds of packages. Here's what happened - and how to protect your code.

KDE Plasma 6.5 beta is out bringing KNightTime module, Wayland PiP support, and more

With the October 21 release date on the horizon, the KDE team has rolled out the Plasma 6.5 beta, introducing a range of improvements such as Wayland PiP support.
Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...