AI Code Floods Open Source: How Kusari Inspector Secures CNCF Projects Against Supply Chain Attacks | TFiR
Open source maintainers face an impossible burden: AI bots flood repositories with pull requests that may be ...
Open Source’s Contributor Crisis Is a Security Risk. Here’s How CNCF’s Merge Forward Is Fixing It | TFiR
Open source sustainability is not just about code—it's about people. Stéphane Este-Gracias of CNCF's Merge Forward explains ...
AI Code Is Leaking 29M Secrets: What Developers Must Know Now | Dwayne McDaniel, GitGuardian | TFiR
AI coding assistants are leaking credentials at 2x the baseline rate, with 29 million secrets hitting ...
The Hidden Risk of Open Source: What Happens When Maintainers Walk Away
When open source maintainers walk away from mature projects, companies are left with production dependencies and no ...
Fixing WordPress Supply Chain Security with FAIR | Karim Marucchi, Crowd Favorite & Joost de Valk, Emilia Capital
Karim Marucchi and Joost de Valk explain how the FAIR Package Manager decentralizes WordPress updates, embeds ...
What the Cyber Resilience Act Means for Open Source — And How OpenSSF Plans to Help
OpenSSF’s CRob explains how the Cyber Resilience Act shifts responsibility to manufacturers, and how open source ...
What Happened Today June 17, 2025
Here are the latest news highlights from TFiR, showcasing innovations that are shaping the future of AI ...
What Happened Today May 14, 2025
1/ Vultr, the world’s largest privately-held cloud infrastructure provider, has announced support for the new AMD EPYC 4005 ...
Chainguard’s Ground-Up Strategy for a Zero-Vulnerability Software Supply Chain
Chainguard, a cybersecurity startup, is doubling down on its mission to secure software supply chains from the ...
Everything Open Source Developers Need to Know About the EU Cyber Resilience Act
The European Union’s Cyber Resilience Act (CRA) is a game-changer for software developers and organizations that rely ...