He says the XZ Utils attack also illustrates

rakhirhif8963 · Post by **rakhirhif8963** » Wed Feb 05, 2025 10:47 am

"Some projects have one or just a few developers, and we like to see widely used projects have many developers because having a lot of them can be a deterrent to others," Wheeler says.

a problem that OpenSSF is working to solve: ensuring that the source code people use matches what is being audited. “The big advantage of open source software is that it can be widely audited for unintentional or intentional vulnerabilities,” he explains.

Wheeler notes, however, that verification won't help if what's being verified isn't used to build the final product. OpenSSF projects like SLSA and Sigstore are working to improve the build and distribution process to ensure that the code people run is built from verified source code.

Why Python 2 is still in use 16 years after Python 3
Another key finding of the report is the prevalence of older coding languages that pose a potential security risk. In particular, it notes that despite Python 3 being released 16 years ago, the transition to it is still not complete, with some sectors using Python 2 at 20-30% .

Wheeler has some ideas for how open source bangladesh mobile database can improve the situation. “The lesson is simple: Make it really easy to upgrade to new versions,” he says. “In almost all cases, new versions should be fully backwards compatible with older versions — especially the previous version. Backwards compatibility may require additional developer effort, but it’s almost always the right thing to do.”

Gartner: Rise of Agent AI Promises New Cybersecurity Risks
04.12.2024
According to Gartner, agent-based artificial intelligence could significantly increase the potential of AI and enter 33% of enterprise software applications by 2028, up from 1% today, reports the AI Business portal .

Autonomous technology can help CIOs achieve their AI goals, but it will require legal and ethical compliance. Along with potential benefits, the technology brings new risks and security threats beyond those inherent in AI models and applications, says Aviva Litan, distinguished vice president and analyst at Gartner.

Until now, large language models (LLMs) have not acted on their own initiative, but with the advent of agent-based AI, they may be able to act autonomously with minimal human supervision. LLMs will be able to adapt to context and perform tasks in complex environments.

This capability could greatly increase the potential of AI by allowing it to learn from data, conduct research, design tasks, and execute them in the digital or physical world via APIs or robotic systems. For example, future agent-based AI systems with full autonomy would be able to learn from the environment, make decisions, and execute tasks on their own.