At a time when almost all software contains open source code, at least one known open source vulnerability was detected in 84% of all commercial and proprietary code bases examined by researchers at application security company Synopsys.
In addition, 48% of all code bases analyzed by Synopsys researchers contained high-risk vulnerabilities, which are those that have been actively exploited, already have documented proof-of-concept exploits, or are classified as remote code execution vulnerabilities.
The vulnerability data — along with information on open source license compliance — was included in Synopsys’ 2023 Open Source Security and Risk Analysis (OSSRA) report, put together by the company’s Cybersecurity Research Center (CyRC).