Breaking: Google will now only release Android source code twice a year

Instead of four times a year, Google will now only release Android source code to AOSP twice a year, once in Q2 and again in Q4.
Dark Reading

Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects

A pair of security vulnerabilities discovered in the GitHub environments of two very popular open source projects from Apache and Google could be used to stealthily modify project source code, steal ...
Infosecurity-magazine.com

Majority of Critical Open Source Projects Contain Memory Unsafe Code

More than half (52%) of critical open source projects contain code written in a memory-unsafe language, according to a new analysis by the Cybersecurity and Infrastructure Security Agency (CISA) in ...
Android Authority

Android 16 QPR1’s source code is nowhere to be found, but Google swears it’s coming

Google has delayed releasing the source code for Android 16 QPR1, worrying custom ROM developers who rely on timely AOSP (Android Open Source Project) updates. While Google typically publishes source ...
Dark Reading

CISA Flags Memory-Unsafe Code in Major Open Source Projects

A comprehensive new study has unearthed fresh details on the extensive and troubling use of memory-unsafe code in major open source software (OSS) projects. However, the chances that fresh insight on ...
Bleeping Computer

Popular open source project Moq criticized for quietly collecting data

Open source project Moq (pronounced "Mock") has drawn sharp criticism for quietly including a controversial dependency in its latest release. Distributed on the NuGet software registry, Moq sees over ...