Dossier
Log4j
Coverage of Log4j in the Nexus archive.
- Open-source security is posing challenges governments can’t easily solve
An increase in cyberattacks on open-source software highlights challenges in securing publicly available code, with experts citing underinvestment and maintenance issues. Governments under different administrations have had mixed impacts, while companies also face criticism for insufficient responsibility. Project Glasswing identified thousands of vulnerabilities in open-source projects, but only a small fraction have been patched.