Hacker News
- Social engineering takeovers of open source projects https://openssf.org/blog/2024/04/15/open-source-security-openssf-and-openjs-foundations-issue-alert-for-social-engineering-takeovers-of-open-source-projects/ 361 comments
- OpenSSF: Scanning open source packages for malicious behavior https://openssf.org/blog/2022/04/28/introducing-package-analysis-scanning-open-source-packages-for-malicious-behavior/ 4 comments
- Open Source Security Foundation https://openssf.org/ 72 comments
Lobsters
- OpenSSF and OpenJS warn about attempts to take over projects similar to XZ-case https://openssf.org/blog/2024/04/15/open-source-security-openssf-and-openjs-foundations-issue-alert-for-social-engineering-takeovers-of-open-source-projects/ 10 comments linux
- Allstar GitHub App - Automated continuous enforcement of security best practices https://openssf.org/blog/2021/08/11/introducing-the-allstar-github-app/ 8 comments linux
Linking pages
- The Open Source Sustainability Crisis ❧ Open Path by Chad Whitacre https://openpath.chadwhitacre.com/2024/the-open-source-sustainability-crisis/ 244 comments
- Why Congress should invest in open-source software https://www.brookings.edu/techstream/why-congress-should-invest-in-open-source-software/ 224 comments
- xz-style Attacks Continue to Target Open-Source Maintainers | LinuxSecurity.com https://linuxsecurity.com/news/security-trends/xz-style-attacks 155 comments
- GitHub - mikeroyal/Self-Hosting-Guide: Self-Hosting Guide. Learn all about locally hosting (on premises & private web servers) and managing software applications by yourself or your organization. Including Cloud, LLMs, WireGuard, Automation, Home Assistant, and Networking. https://github.com/mikeroyal/Self-Hosting-Guide 108 comments
- Why has software supply chain security exploded? – Open Source Security https://opensourcesecurity.io/2022/09/06/why-has-software-supply-chain-security-exploded/ 85 comments
- Afraid of your source code leaking? I can tell by the Twitch in your eye…! | by Arnica | Medium https://blog.arnica.io/afraid-of-your-source-code-leaking-i-can-tell-by-the-twitch-in-your-eye-693b71a67eac?r= 78 comments
- twenty-five years of curl | daniel.haxx.se https://daniel.haxx.se/blog/2023/03/20/twenty-five-years-of-curl/ 71 comments
- Making Open Source software safer and more secure https://www.blog.google/technology/safety-security/making-open-source-software-safer-and-more-secure/ 64 comments
- GitHub - 1Password/1password-teams-open-source: Get a free 1Password Teams membership for your open source project https://github.com/1Password/1password-teams-open-source 59 comments
- Linux is a CNA http://www.kroah.com/log/blog/2024/02/13/linux-is-a-cna/ 56 comments
- Adding build provenance to Homebrew | Trail of Bits Blog https://blog.trailofbits.com/2023/11/06/adding-build-provenance-to-homebrew/ 46 comments
- Who’s at the Helm? Or, how to deploy 25+ CVEs to prod in… | by Dan Lorenc | Medium https://dlorenc.medium.com/whos-at-the-helm-1101c37bf0f1 42 comments
- GitHub - mikeroyal/Fedora-Guide: Fedora/CentOS Stream/Red Hat Enterprise Linux Guide https://github.com/mikeroyal/Fedora-Guide 30 comments
- Google invests in open source security by funding Linux kernel developers | VentureBeat https://venturebeat.com/2021/02/24/google-invests-in-open-source-security-by-funding-linux-kernel-developers/ 25 comments
- GitHub - mikeroyal/Windows-11-Guide: Windows 10/11 Guide. Including Windows Security tools, Encryption, Graphics, Gaming, Virtualization, Windows Subsystem for Linux (WSL 2), Software Apps, and Resources. https://github.com/mikeroyal/Windows-11-Guide 24 comments
- Why we’re committing $10 billion to advance cybersecurity https://blog.google/technology/safety-security/why-were-committing-10-billion-to-advance-cybersecurity/ 24 comments
- New from Google Cloud: Assured Open Source Software service | Google Cloud Blog https://cloud.google.com/blog/products/identity-security/introducing-assured-open-source-software-service 20 comments
- GitHub - mikeroyal/NixOS-Guide: NixOS Guide. Learn all about the immutable Nix Operating System and the declarative Nix Expression Language. https://github.com/mikeroyal/NixOS-Guide 14 comments
- GitHub - google/oss-fuzz: OSS-Fuzz - continuous fuzzing for open source software. https://github.com/google/oss-fuzz 11 comments
- GitHub - mikeroyal/Open-Source-Security-Guide: Open Source Security Guide. Learn all about Security Standards, Frameworks, Threat Models, Encryption, and Benchmarks. https://github.com/mikeroyal/Open-Source-Security-Guide 11 comments