An Open Source Exploit Last Year Changed How Professionals Think of Security

Open source software is everywhere—used in almost every modern application—but the security challenges it faces continue to grow more serious. Relying on the backbone of volunteers, vulnerabilities now make it a prime target for cyberattacks by both malicious hackers and state actors. The close call with the xz Utils backdoor attack highlights just how fragile open source security can be. With open source tools being crucial for both private companies and governments, greater investment from the private sector and public sectors will be required.

Much of the internet’s crowdsourced code is vulnerable to infiltration by bad actors and nation-states. Open source software is at the “heart of the internet,” it is largely maintained by a handful of volunteers and that makes it a major security risk for corporations and governments alike, The Economist ...