The Hidden Risks Inside Open-Source Code
Help Net Security, Monday, October 6th, 2025
Open-source software is everywhere. It runs the browsers we use, the apps we rely on, and the infrastructure that keeps businesses connected. For many security leaders, it is simply part of the environment, not something they think about every day. That is where trouble can start.
James Cusick, a researcher at Ritsumeikan University, recently set out to answer a question: how secure is the code we depend on? His study looked at both open-source and proprietary software, scanning millions of lines of code to see where vulnerabilities hide and how serious they are. What he found shows why static code scanning should be a key part of every security strategy.