#OpenSourceThreat

North Korea’s Moonstone Sleet Widens Distribution of Malicious Code

by

June 13, 2024 at 03:33PM A newly identified North Korean threat actor, Moonstone Sleet, is expanding its distribution of malicious npm packages to public registries, targeting the software supply chain and open source code repositories. It differentiates itself through various techniques, posing a growing risk to the open source community. Organizations are urged to implement … Read more

New Offerings From Protect AI, Venafi Tackle Software Supply Chain Security

by

January 25, 2024 at 11:48AM The growing use of open source software expands into the AI market. Venafi offers Stop Unauthorized Code Solution for traditional OSS, while Protect AI’s Guardian secures open source machine learning models. Both products aim to tackle the unique security challenges of their respective markets. They operate as crucial security measures … Read more