open source software supply chain security
Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug
Richi Jennings | Buffer Overflow, buffer overflow attack, Buffer Overflow Vulnerabilities, buffer overflows, Chrome, Chromium, edge, Electron, Exploitable Vulnerabilities, Firefox, google, Heap Overflow, libwebp, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, opera, SB Blogwatch, secure software supply chain, slack, software supply chain, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, thunderbird, WebP
WebP FAIL. Critical vuln in libwebp: Go get updates to Chrome, Firefox, Edge, Slack and more ...
Security Boulevard
New Cybersecurity Requirements may put Vendors’ Gov’t Contracts at Risk
Donald Fischer | Compliance, Cybersecurity, government contracts, M-23-16, maintainers, National Cybersecurity Strategy, open source software supply chain security
In the wake of a recent series of cybersecurity events including Log4Shell and SUNBURST, governments around the world have been exploring ways to use their purchasing power to improve software vendors’ security ...
Security Boulevard