{"id":280247,"date":"2026-06-24T05:00:00","date_gmt":"2026-06-24T09:00:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/24\/open-source-security-is-posing-challenges-governments-cant-easily-solve\/"},"modified":"2026-06-24T05:20:20","modified_gmt":"2026-06-24T09:20:20","slug":"open-source-security-is-posing-challenges-governments-cant-easily-solve","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/24\/open-source-security-is-posing-challenges-governments-cant-easily-solve\/","title":{"rendered":"Open-source security is posing challenges governments can&#8217;t easily solve"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/open-source-software-security-crisis\/\">Open-source security is posing challenges governments can&#8217;t easily solve<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/open-source-software-security-crisis\/\">https:\/\/cyberscoop.com\/open-source-software-security-crisis\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-24 05:00:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>An epidemic of cyberattacks on open-source software has mounted in recent months, making clear how uniquely difficult it is to protect the publicly available code, from both a policy and a technical perspective, that serves as the foundation for so much of the digital world.<\/p>\n<p>While open-source software security got a boost in attention under President Joe Biden \u2014 whose administration grappled with the fallout from the potentially catastrophic Log4j flaw that emerged in 2021 \u2014 a number of open-source experts say that government protection efforts have suffered setbacks under President Donald Trump. Many also say companies that heavily rely on open-source software, which is basically all of them, haven\u2019t shouldered enough of the responsibility for safeguarding it.<\/p>\n<p>\u201cWhat we\u2019re seeing is years of lack of investment sustainment in open-source software that is finally starting to catch up to us, where it seems like every week there\u2019s a new supply chain compromise,\u201d said Jack Cable, who held a role at the Cybersecurity and Infrastructure Security Agency where he worked on open-source security before departing under Trump.<\/p>\n<p>The advancements of frontier artificial intelligence models stand to exacerbate the risk further, while simultaneously illustrating what makes defending open source difficult: Project Glasswing said shortly after its announcement that it had uncovered 6,202 high- or critical-severity vulnerabilities in a scan of more than 1,000 open-source projects, but that it had disclosed only 502 of them to open-source project maintainers and only 75 had been patched as of May 22 (albeit some due to typical patching lagtimes).<\/p>\n<p>At the same time, there are questions about how much the government can help, even as overseas governments seek to focus on open-source security.<\/p>\n<h4 class=\"wp-block-heading\" id=\"h-the-evolution-of-open-source-risk-nbsp\">The evolution of open-source risk\u00a0<\/h4>\n<p>There are a series of factors contributing to the current threat to open-source software, experts say.<\/p>\n<p>One is simply&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/open-source-software-security-crisis\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Open-source security is posing challenges governments can&#8217;t easily solve https:\/\/cyberscoop.com\/open-source-software-security-crisis\/ Publish Date: 2026-06-24 05:00:00 Source&#8230;<\/p>\n","protected":false},"author":1,"featured_media":280248,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2026\/06\/GettyImages-1440813683.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[20,24],"class_list":["post-280247","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-artificial-intelligence","tag-cybersecurity"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/280247"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=280247"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/280247\/revisions"}],"predecessor-version":[{"id":280249,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/280247\/revisions\/280249"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/280248"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=280247"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=280247"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=280247"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}