ZDNet

More than 75% of all vulnerabilities reside in indirect dependencies

The vast majority of security vulnerabilities in open-source projects reside in indirect dependencies rather than directly and first-hand loaded components. "Aggregating the numbers from all ...
InfoWorld

Developing ecosystem-ready APIs and applications

Ecosystem-ready is not just about robust engineering, security, and operational practices. Here's what your devops team needs to know. So you’ve developed cloud-native microservices, have a process to ...
ZDNet

Hacking 20 high-profile dev accounts could compromise half of the npm ecosystem

The npm ecosystem of JavaScript libraries is more interwoven than most developers think, and the entire thing is a gigantic house of cards, being one bad hack away from compromising hundreds of ...