The Hacker News

Self-Replicating Worm Hits 180+ npm Packages to Steal Credentials in Latest Supply Chain Attack

"Each published package becomes a new distribution vector: as soon as someone installs it, the worm executes, replicates, and ...
Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...

Monero Received Nearly $1M Donations in 2025 for Development Funding and More

Maintaining and funding free, open-source software (FOSS) is challenging, and many projects are left in limbo after some time ...