BLOG
Nov 24, 2025 In Beach Cleaning Initiative, FreeBSD Foundation, Open Source Security, software supply chain security
Strengthening FreeBSD’s Software Supply Chain: Year Two of Alpha-Omega Support
Alpha-Omega’s second year of support for the FreeBSD Foundation focuses on strengthening the security and maintenance of third party dependencies, advancing SBOM work for the…
Nov 21, 2025 In ecosystem analysis, Open Source Security, package manager data, Software Supply Chain
Documenting Package Manager Data: Insights from ecosyste.ms
ecosyste.ms released new open datasets documenting how 70+ package managers structure metadata, manifests, lockfiles, and registry APIs. This work helps strengthen software supply-chain security and…
Oct 29, 2025 In Alpha-Omega, archive security, Python packaging, Seth Larson, software supply chain security
Slippery Zips and Sticky Tar-Pits: Security and Archives | White Paper by: Seth Larson – Python Software Foundation
This new white paper from Seth Larson of the Python Software Foundation explores how legacy archive formats like ZIP and tar introduce security risks, and…
Oct 21, 2025 In Apache Trusted Releases, Cyber Resilience Act, SBOM
Apache Trusted Releases platform begins second Alpha
Apache Trusted Releases platform begins second Alpha — October 20, 2025 The Apache Software Foundation (ASF) Tooling team advances the Apache Trusted Releases (ATR) platform…
Oct 15, 2025 In Alpha-Omega, Cyber Resilience Act, Open Source Security, OpenRefactory, VEX
How I Learned to Stop Worrying and Love the VEX
Written by Piotr P. Karwasz of the Apache Log4j PMC and OpenRefactory collaborator, this post explores how Vulnerability Exploitability eXchange (VEX) files help determine whether…
Sep 30, 2025 In crates.io, Open Source Security, Rust Foundation, Software Supply Chain, Trusted Publishing
Trusted Publishing: Secure Rust Package Deployment Without Secrets
by Tobias Bieniek: Rust Foundation In April 2025, I began working on what would become one of the most significant security improvements to come to…
Sep 23, 2025 In Alpha-Omega, Maintainers, Open Source, OS Sustainability
Alpha-Omega Endorses the Joint Statement on Sustainable Stewardship
Open source powers the modern software ecosystem, but its foundation is fragile. Package registries and their surrounding infrastructure are the backbone of the open source…
Sep 15, 2025 In Alpha-Omega, Open Source, OSTIF
OSTIF 2025 Alpha-Omega Partnership Updates and Roadmap
By OSTIF Marketing and Community Manager Helen Woeste Sourcing funding is one of the biggest challenges Open Source Technology Improvement Fund (OSTIF) faces as a…
Sep 8, 2025 In Alpha-Omega, AWS, Linux Foundation, Member Spotlight, Open Source
Member Spotlight: AWS – Funding Open Source Security Empowerment
At Alpha-Omega, our mission is to secure the open source ecosystem by investing in foundational technologies and the communities that support them. AWS is a…
Aug 5, 2025
Unmasking Phantom Dependencies with Software Bill-of-Materials as Ecosystem-Neutral Metadata | White Paper by: Seth Larson – Python Software Foundation
At Alpha-Omega, we are thrilled to support and share the impactful work of Seth Larson and the Python Software Foundation in this comprehensive whitepaper. Python…
PRESS RELEASE
Nov 1, 2023
OpenJS Foundation Warns Consumer Privacy and Security at Risk in Three-Quarters of a Billion Websites
OpenJS Foundation reports poor security practices across industries in North America, UK and Europe SAN FRANCISCO – November 1, 2023 – Global web infrastructure is in…
