Software development platform GitHub has made its Advisory Database open to community contributions allowing anyone to contribute insight and intelligence on security vulnerabilities to help improve software supply chain security. The full contents of the database will also now be published to a new, freely accessible public repository under Creative Commons license. Experts say data sharing of this kind is key to improving the security of software supply chains and addressing software-related risks.
Security community to benefit from free and open data
Millions of developers and companies use GitHub to build, ship and maintain software. By making its Advisory Database publicly open to community contributions, the firm said security researchers, academics and enthusiasts will be able to provide, share and benefit from additional information and context to further the community’s understanding and awareness of security advisories.
More Stories
European Journalists Targeted by Paragon Spyware, Citizen Lab Confirms
This is the first forensic evidence that journalists’ devices have been infected with Paragon’s Graphite spyware Read More
Paragon Spyware used to Spy on European Journalists
Paragon is a Israeli spyware company, increasingly in the news (now that NSO Group seems to be waning). “Graphite” is...
Ransomware Gang Exploits SimpleHelp RMM to Compromise Utility Billing Firm
A CISA advisory urged all software vendors and downstream customers to check if they are impacted by unpatched versions of...
Microsoft 365 Copilot: New Zero-Click AI Vulnerability Allows Corporate Data Theft
Researchers have found a flaw in Microsoft 365 Copilot that allows the exfiltration of sensitive corporate data with a simple...
South African man imprisoned after ransom demand against his former employer
Lucky Erasmus and a company insider installed software without authorisation on Ecentric's systems which granted them remote access, enabling them...
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs
Late last year, security researchers made a startling discovery: Kremlin-backed disinformation campaigns were bypassing moderation on social media platforms by...