At its core, VS Code is built on an open source project called Code OSS, published under the permissive MIT license.

The Jupyter extension brings Jupyter Notebook functionality into VS Code. It lets you create, open, and edit .ipynb files ...

A Sonatype report reveals a sharp rise in sophisticated attacks hiding in trusted code libraries, with data theft becoming the primary goal ...

Researchers at Edera say they have uncovered a critical boundary-parsing bug, dubbed TARmageddon ( CVE-2025-62518 ), in the popular async-tar Rust library. And not only is it in this library, but also ...

Microsoft’s cross-platform .NET takes interesting dependencies, including a fork of Google’s Skia, now to be co-maintained ...

It is not uncommon for open source licenses to change. When licenses change, users often need to re-evaluate compliance risks. Take Redis as an example. Redis is a popular key-value store whose open ...

A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code ...

A new six-figure grant ensures that Georgia Tech students and faculty continue to have access to vital open-source software resources. The Open Source Program Office (OSPO) provides expert advice, ...

An attack on the NuGet package registry shows how advanced open-source software supply chain attacks have become.

But how did OSS become so widespread? Was it pure cost efficiency, or does OSS really bring more innovation to organizations?

Vulnerability in the popular Rust library Async-tar could allow attackers to smuggle archive entries and execute arbitrary code remotely.

“After that bill pushed through, things were supposed to be easier,” Anita Bass, president of the Baltimore County Public ...