Brian Fox
@brianfox.bsky.social
Sonatype CTO
Yes all of this. Now it’s time to fix it.
9 days ago
Free isn’t free: the infrastructure behind open source has real costs, and it’s time we aligned usage with responsibility. This morning we jointly launch a new blog and open letter on sustainable stewardship.
www.sonatype.com/blog/from-ab...
From Abuse to Alignment: Why We Need Sustainable Open Source Infrastructure
Open source relies on shared infrastructure. Learn why sustainable stewardship is critical to keep ecosystems like Maven Central strong.
https://www.sonatype.com/blog/from-abuse-to-alignment-why-we-need-sustainable-open-source-infrastructure
11 days ago
reposted by
Brian Fox
Help Net Security
6 months ago
Open-source malware doubles, data exfiltration attacks dominate 📖 Read more:
www.helpnetsecurity.com/2025/04/03/o...
#cybersecurity
#cybersecuritynews
#opensource
@brianfox.bsky.social
Open-source malware doubles, data exfiltration attacks dominate - Help Net Security
A total of 17,954 open source malware packages identified in Q1 2025, according to Sonatype's Open Source Malware Index.
https://www.helpnetsecurity.com/2025/04/03/open-source-malware-index-q1-2025/
www.thecvefoundation.org
CVE Foundation
FOR IMMEDIATE RELEASE April 16, 2025 CVE Foundation Launched to Secure the Future of the CVE Program [Bremerton, Washington] – The CVE Foundation has been formally established to ensure the long-term ...
https://www.thecvefoundation.org/
6 months ago
Good news for Java developers! Central now validates OpenSSF sigstore signatures as part of publishing. If you’re already signing your artifacts with Sigstore, you’ll now get real-time validation feedback in the Central Publisher Portal. Read more details here:
www.sonatype.com/blog/central...
8 months ago
reposted by
Brian Fox
OpenSSF
10 months ago
📢 The @linuxfoundation.org, with Harvard's Laboratory for Innovation Science, has released Census III of Free and Open Source Software – Application Libraries. 🖥️ Key insights from OpenSSF help reduce FOSS vulnerabilities and secure supply chains. Read more:
openssf.org/press-releas...