Hidden dependencies and social engineering attacks can contribute to the insecure use of open-source software in 2025.
Package Reputation is an essential capability for organizations seeking to secure their software supply chain. By analyzing ...
Veracode says its acquisition of software supply chain security startup Phylum will enhance its capabilities around ...
Application security company Veracode Inc. today announced that it had acquired certain assets from software supply chain ...
The acquisition enhances Veracode’s ability to identify and block malicious code in open-source libraries ...
OSS’s strengths are also its greatest weaknesses. Unlike proprietary software, where the source code is tightly controlled, OSS is publicly available. While this openness fosters innovation, it also ...
To combat the rise in software supply chain attacks, Veracode has acquired Denver-area startup Phylum and its advanced tools ...
and in the same week US security agencies NSA and CISA published their own guidance on mitigating the risk of software supply chain attacks. Modern applications, both closed- and open-source, are ...
Technology Acquisition Delivers Automated Malicious Package Analysis, Detection, and Mitigation in Open-source Code ...