China-backed hackers 'almost certainly' targeted Canada during theft of millions of Americans' data

A Chinese hacking group that may have stolen information from nearly every American "almost certainly" targeted a Canadian telecommunications company as well, according to a warning from Canada's ...
Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, open source component of that software. Open source software supply-chain ...