52% of 172 critical open-source projects lack sufficient protection against evolving threat actors, with memory-unsafe languages used in 55% of total lines of code.
A joint report by the FBI, CISA, and their Canadian and Australian counterparts warns that 52% of 172 critical open-source projects lack sufficient protection against evolving threat actors, with memory-unsafe languages used in 55% of total lines of code. The report highlights the importance of using memory-safe languages like Rust, GO, Java, and others for new code and transitioning existing components to safer alternatives. It emphasizes secure coding practices, managing dependencies, and thorough testing to mitigate safety issues.
June 27, 2024
8 Articles