Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...

Masked, not erased: how broken redaction fuels AI data leaks

Visual redaction instead of true removal. The most common method is to place a black box over sensitive text in a PDF or Word file. It looks secure, but the text layer underneath is still there.