News

Communications of the ACM

Fifty Years of Open Source Software Supply-Chain Security

An open source software supply-chain vulnerability is an exploitable weakness in trusted software caused by a third-party, ...

Android’s New Verification System May Limit Offline App Sideloading

Google's upcoming developer verification system for Android may prevent users from sideloading apps without an internet ...