This is the sixth year in a row Tidelift has conducted a survey about open source and the third time it focused exclusively on the maintainers who create and maintain the open source projects we all depend on. The most cited stat from that previous survey was that 60% of maintainers described themselves as unpaid hobbyists. We asked the same question again this year to see if things had changed.

The Stuxnet and Ukranian power grid attacks give us clear ideas about how much damage a determined adversary can inflict not only on the business or operation concerned, but also on the general public. This paper takes a look at critical infrastructure attacks.

This report is a kind of dossier on the hacker community. It lets you in to their world, to know their mindset, and thoughts on the bug bounty community.

During the summer of 2017, a study was done on the security issues related to the TUF framework.