Shai-Hulud, npm, and modern software supply chains

27.01.2026

Dr. Andreas Kotulla


In September 2025, the npm ecosystem experienced one of the most consequential software supply-chain compromises to date. A self-propagating worm, now commonly referred to as Shai-Hulud, compromised hundreds of npm packages, harvested developer and CI/CD credentials, and used those credentials to spread laterally across the ecosystem by publishing further malicious updates under the identities of legitimate maintainers. Within weeks, a


Open Source Monitor 2025: The importance of open source for business and administration

23.09.2025

Dr. Andreas Kotulla


Open source is no longer a niche topic—in 2025, it is clearer than ever how indispensable open software has become for our digital world. Without open source solutions, large parts of data traffic, many platforms, and even smartphones would come to a standstill. At the same time, the open source community is a key driver of innovation, whether in cloud


Understanding the Cyber Resilience Act and Its Impact on the Automotive Industry

28.03.2025

Dr. Andreas Kotulla


As cars become more like computers on wheels, cybersecurity is becoming a major concern. With vehicles now connected to the internet and relying heavily on software, protecting them from cyber threats is essential. The Cyber Resilience Act (CRA) is a new European law designed to improve cybersecurity for digital products. While it does not directly apply to cars themselves (since
