SEARCH
Archive
3 Things We Still Don’t Know About the XZ Backdoor
The XZ Utils backdoor was a very subtle operation that took several years to pull off, and while some of the technical details are known, there is plenty we still don't know. Dennis Fisher and Lindsey O'Donnell-Welch talk about the unknowns and what if anything could have been done to prevent this from happening.
Decipher Podcast: Kelley Misata
Kelley Misata, senior director of open source of open source at Corelight and CEO of Sightline Security, joins Dennis Fisher to talk about her road to get into security, the importance of protecting at-risk populations, and the challenges of building community in the open source world.
Phishing Campaign Targets PyPI Project Maintainers
The PyPI maintainers say a new phishing campaign is targeting Python project maintainers and aiming to steal credentials and compromise projects.
New Google Team to Help Critical Open Source Projects Improve Security
Google is creating a new Open Source Maintenance Crew to aid critical open source projects up their security game.