A new report indicates that the United States and Russia lead in open source project contributions globally; the same report also highlights critical weaknesses in the software supply chain.
The findings reveal that more than 95% of vulnerabilities in software can be traced back to open source package dependencies, and that a staggering 51% of those vulnerabilities have no known fix available.
The report also notes that 70% of open source components are either insufficiently maintained or not maintained at all, which poses significant security risks for anyone depending on them.
With 34% of contributions originating from the U.S. and 20% coming from anonymous contributors, the report underscores how difficult it is to maintain, attribute and secure open source projects.