Google’s latest scorecard tool scans open-source software for security risks
1 July 2021
The updated version of Google Scorecard produces a “Risk Score” for open-source software with improved checks and capabilities to make the data accessible for analysis. The update comes with features like, checks for contributions from malicious authors or compromised accounts that can introduce potential backdoors into code. Use of fuzzing (e.g., OSS-Fuzz), and static code analysis tools (e.g., CodeQL), signs of CI/CD compromise, and bad dependencies
Back to all news Read moreOther news
- WhatsApp 0-day bug allow hackers to take full app control remotely26 September 2022
- Microsoft Patch Tuesday, September 2022.26 September 2022
- Personal data of American Airlines customers was hacked26 September 2022
- 17-year-old teenager arrested by UK policy for Uber and Rockstar hack26 September 2022
- Keylogger Originlogger steals credentials and takes screenshots19 September 2022
- 700 MPPS DDoS attack targeted to cripple the organization19 September 2022
- Critical IT systems and the Windows Domain of Uber were breached by hackers19 September 2022