Tag
#SBOM
4 stories taggedSBOM.

AI Security
When AI writes your code, your supply chain just got a new stranger in it
For years, defenders worried about which open-source parts sat inside their software. Now an AI assistant is quietly adding parts of its own, and nobody is quite sure who owns the risk.
4 min

Policy & Regulation
The Software Safety Label Problem: Why What Companies Ship Often Doesn't Match What They Report
A growing body of regulation now requires software makers to list every component inside their products. A Toronto-based firm says most of those lists are wrong before the ink dries, and regulators are starting to agree.
3 min

Vulnerabilities
FFmpeg Vulnerability 'PixelSmash' Threatens Media Applications
A critical flaw in FFmpeg's MagicYUV decoder reveals the fragility of software supply chains.
2 min

Cloud Security
IBM and Red Hat Pledge $5 Billion to Lock Down Open Source Supply Chains via Project Lightwell
The initiative targets a deceptively hard problem: patching vulnerabilities in open source dependencies without breaking production workloads that millions of systems depend on.
2 min