Software supply chain attacks increased over 300% in 2021

We all knew there was an increase in software supply chain attacks in 2021, but a new study has quantified just how bad things got.

Argon Security – recently acquired by Aqua Security – published the latest edition of its annual Software Supply Chain Security Review this week.

The headline stat from Argon’s report is that software supply chain attacks grew by more than 300 percent in 2021 compared to 2020.

Eran Orzel, Senior Director of Argon Customer...

Library deliberately corrupted by its developer relaunches as community project

A popular library that was deliberately corrupted by its own developer has been relaunched as a community-driven project.

Last week, Developer reported that users of open-source projects depending on the ‘colors’ and ‘faker’ libraries by Marak Squires were confronted with their applications indefinitely printing gibberish messages on their console—rendering them useless.

Squires corrupted his own libraries, seemingly in retaliation for others using them for...

Google wants to increase government collaboration to secure open-source

Google says that it wants to increase government collaboration to help secure open-source after participating in a White House summit.

On Thursday, Google participated in the White House Open Source Software Security Summit with the aim of building on its “work with the Administration to strengthen America’s collective cybersecurity through critical areas like open-source software.”

The past year has been particularly bad for open-source security problems, with...

Open-source developer corrupted his own popular libraries

An open-source developer intentionally corrupted his own libraries that have been used by thousands of projects.

Users of open-source projects that depend on the ‘colors’ and ‘faker’ libraries by Marak Squires were confronted with their applications indefinitely printing gibberish messages on their console—rendering them useless.

The colors library receives over 20 million weekly downloads on npm alone and has almost 19,000 projects depending on it. The faker...

Ethereum still has the most Web 3.0 developers, but rivals are growing faster

Decentralised app platform Ethereum still has the most Web 3.0 developers, but it’s all to play for with rivals growing faster.

The data comes from research firm Electric Capital which released a report this week into the Web 3.0 development ecosystem.

Electric Capital found that more than 4,000 developers actively work on Ethereum per month. 

For comparison, just 680 developers actively work on Bitcoin per month. It’s a huge disparity, but it’s...

GitHub launches preview of improved code search

GitHub is making significant improvements to its code searching experience and has launched a technology preview for an early peek.

The current search index covers more than five million of the most popular public repositories. In addition, developers can also search any private repositories they have access to.

GitHub recommends trying five search functions to see how they could improve your workflow:

Try a simple search and see how the smart ranking and...

GitHub Octoverse 2021: Developer diversity is increasing, code is shipping faster than ever

The 2021 edition of GitHub’s annual Octoverse report highlights a welcome increase in the diversity of the developer community alongside many other interesting trends.

According to the report, almost 60 percent of active GitHub users are now distributed outside North America. The world’s largest repo service is seeing the fastest user growth in Indonesia, Brazil, India, Russia, Japan, Germany, Canada, the UK, and China.

Developers are both writing and shipping code...

What open API means for today’s IT and physical security strategies

What is open-source security software?

Open-source software is nothing new. In fact, it’s been around since the 1990s when it was popularized during the dot-com boom. Open-source software makes the source code free to use and modify. While similar, open application programming interface (API) software takes this a step further. Open API still gives developers universal access to software programs, but it’s also a tool for making platforms communicate with each other....

Thomas Dohmke will be GitHub’s new CEO

Thomas Dohmke is taking over from Nat Friedman to become GitHub’s new CEO.

Dohmke co-founded HockeyApp – a service to help distribute beta versions of apps and get analytics and crash reports – in 2011 to solve some of his pain points as a developer.

He took this passion for solving pain points to GitHub in 2018 after leading Microsoft’s acquisition of GitHub alongside Friedman.

In a blog post, Dohmke wrote:

“Leading the home for all...

HDC 2021: Huawei provides updates on HarmonyOS, HMS Core 6, and more

During this year’s Huawei Developer Conference (HDC 2021), the tech giant took the opportunity to provide key updates on HarmonyOS, HMS Core 6, and more.

The theme of the event was “Together”, used in regard to both the community and the technologies that Huawei is building around its ecosystem.

In this article, we’ll recap some big announcements and interesting tech sessions from this year’s event.

HarmonyOS 3.0

Huawei’s open source in-house...