Nextgov

Half of critical open source projects contain memory-unsafe code, U.S. cyber agency says

Over half of critical open source tools are underpinned by code that does not internally manage memory spillover risks, opening them up to potential exploitation by hackers, according to findings ...
Infosecurity-magazine.com

Majority of Critical Open Source Projects Contain Memory Unsafe Code

More than half (52%) of critical open source projects contain code written in a memory-unsafe language, according to a new analysis by the Cybersecurity and Infrastructure Security Agency (CISA) in ...
Bleeping Computer

Lapsus$ hackers leak 37GB of Microsoft's alleged source code

The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server. Early Sunday morning, the Lapsus$ gang ...
Bleeping Computer

CISA: Most critical open source projects not using memory safe code

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. The report, cosigned ...
Threat Post

Microsoft: Lapsus$ Used Employee Account to Steal Source Code

The data-extortion gang got at Microsoft’s Azure DevOps server. Meanwhile, fellow Lapsus$ victim and authentication firm Okta said 2.5 percent of customers were affected in its own Lapsus$ attack. In ...
TechRadar

Google set to reduce the Android source code releases to just twice a year

AOSP source code to be shared with developers in Q2 and Q4, skipping Q1 and Q3 for the first time Security patches and other updates will still be published Google says the changes will improve ...