InfoQ

JEP 533 Tightens Exception Handling in Java's Structured Concurrency for JDK 27

JEP 533, Structured Concurrency, has reached integrated status for JDK 27. It refines exception handling and type safety in ...

Source Code Is Not The Product: Why Commercial Open Source Works

Done right, openness creates a stronger business structure and a larger surface area for value creation than closed software.

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

GitHub is just the latest victim of TeamPCP, a gang that has carried out a spree of software supply chain attacks that has ...
Ars Technica

Microsoft open-sources “the earliest DOS source code discovered to date”

Several times in the last couple of decades, Microsoft has released source code for the original MS-DOS operating system that kicked off its decades-long dominance of consumer PCs. This week, the ...
Bleeping Computer

Trellix discloses data breach after source code repository hack

Cybersecurity firm Trellix disclosed a data breach after attackers gained access to "a portion" of its source code repository. Trellix is a global cybersecurity company formed from the October 2021 ...
InfoWorld

What’s new and exciting in JDK 26

Java 26 introduces little that is totally new, but you’ll find many important changes and improvements in Java’s libraries ...

Hackers have compromised dozens of popular open source packages in an ongoing supply chain attack

The attacks are part of a wider campaign known as Mini Shai-Hulud, which has already compromised several open source projects ...

OpenAI says hackers stole some data after latest code security issue

OpenAI said the damage was limited to the employees’ devices, and did not affect user data nor its production systems, and ...

OpenAI says no user data breached after security issue with open-source library

May 14 (Reuters) - OpenAI said on Wednesday it found no evidence that its user data was accessed after a security issue ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...
Electrek

Fisker went bankrupt and owners built open source car company from the ashes

After Fisker's bankruptcy left 11,000 Ocean EVs orphaned, a 4,000-member community reverse-engineered software, hacked CAN ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a vulnerability in the developers’ account workflow that gave access to its signing keys ...