Most of the software running inside a typical company was written by volunteers the company never paid. Open-source code sits under web apps, build pipelines, and the machine learning stacks getting so much attention right now. Roughly 96 percent of codebases carry some of it. That dependence turned visible in December 2021, when the log4j flaw exposed applications from Twitter to Minecraft. The xz utils backdoor of 2024 drove the point home again. Both traced … More
The post What public money does to open-source projects appeared first on Help Net Security.