#open-source-supply-chain

Information security
from Engadget
19 hours ago

The ChatGPT desktop app for Mac just got hit with a security breach - Engadget

A compromised open-source library led to limited credential exfiltration from code repositories, prompting a ChatGPT Mac update rollout; there is no evidence of user data access.
from InfoQ
3 months ago

Chainguard Finds 98% of Container CVEs Lurking Outside the Top 20 Images

Chainguard draws on telemetry from 290,000 images and almost half a billion builds to examine how customers actually consume and maintain open source components. It finds that foundational language and infrastructure images such as Python, Node, nginx, Go and Redis dominate production usage, forming what it describes as the baseline stack for the modern AI-driven software ecosystem.
Information security
from Developer Tech News
3 months ago

Sonatype: Open-source consumption jumps 67%

Open-source download volume surged in 2025, stressing shared infrastructure while industrialised malware campaigns compromise developer supply chains and raise operational and security costs.