Chart of the Week

Open Source Origins: Mapping the Modern Software Supply Chain

95% of vulnerabilities originate from open-source software dependencies embedded throughout applications and containers.

June 16, 2026

June 11 2026
Suspicious & Silent AI Attackers

June 11 2026

June 3 2026
The Hidden Risks Inside AI Skill Marketplaces

June 3 2026

May 19, 2026
Silent AI attackers, are they already in your environment?

May 19, 2026

JAN 2025: VOLUME 1
Do you know the provenance of your open-source software?

JAN 2025: VOLUME 1

DEC 2024: VOLUME 1
How much “Shadow Code” is in your open-source applications?

DEC 2024: VOLUME 1

MAY 2024: VOLUME 1
Unknown Authors Contributed to Open-Source Components in Your Software!

MAY 2024: VOLUME 1

APR 2024: VOLUME 2
Data-centric Network Access Backdoors are embedded in Open-Source Software!

APR 2024: VOLUME 2

APR 2024: VOLUME 1
XZ is a wakeup call – 5.3% of Open–Source components are pre-tampered!

APR 2024: VOLUME 1

MAR 2024: VOLUME 3
Open-source software: Ten times the innovation, ten times the risk!

MAR 2024: VOLUME 3

MAR 2024: VOLUME 2
Where do your “critical” open-source dependencies come from?

MAR 2024: VOLUME 2

MAR 2024: VOLUME 1
Open-source software ages badly!

MAR 2024: VOLUME 1

FEB 2024: VOLUME 3
Poisoned Software Supply Chains

FEB 2024: VOLUME 3

FEB 2024: VOLUME 2
A third of your Open-Source Software are not fully attestable and that should worry you – a lot!

FEB 2024: VOLUME 2

FEB 2024: VOLUME 1
Are your Open-Source dependencies POISONED?

FEB 2024: VOLUME 1

JAN 2024: VOLUME 2
Open Source Software Charts: OSS risk is determined more by the quality of its dependencies than by the quality of its developers!

JAN 2024: VOLUME 2

JAN 2024: VOLUME 1
82% of Open-Source components are inherently risky

JAN 2024: VOLUME 1

DEC 2023: VOLUME 1
A Positive Revelation with Open Source Software!

DEC 2023: VOLUME 1

NOV 2023: VOLUME 2
90% of software components in Open-Source are transitive, invisible dependencies

NOV 2023: VOLUME 2

NOV 2023: VOLUME 1
Every Open-Source dependency is a software supply chain by itself!

NOV 2023: VOLUME 1

OCT 2023: VOLUME 4
Unearthing the Hidden Risks: Critical Inherent Risk Scores in Open-Source Components

OCT 2023: VOLUME 4

OCT 2023: VOLUME 3
Packages are reused 2.7 times on average within the same Open-Source Project

OCT 2023: VOLUME 3

OCT 2023: VOLUME 1
Vulnerabilities by Dependency Level in Open-Source Projects

OCT 2023: VOLUME 1

OCT 2023: VOLUME 2
Fixed vs Unfixed Vulnerabilities Distribution in Open-Source Software

OCT 2023: VOLUME 2

SEPT 2023: VOLUME 1
What’s in your open-source software?

SEPT 2023: VOLUME 1

Products
Full-Lifecycle Software Supply Chain SecurityGold Open SourceSCA360SBOM360SBOM360 HubThird Party Risk ManagerLineaje AI
Use cases
Eliminate Vulnerability ExposureKnow What’s in Your SoftwareDeploy Self-Healing ContainersFix All Vulnerabilities AutomaticallyComply with Global Regulations
cOMPANY
About UsPartnersLineaje FederalContact UsSummits
rESOURCES
BlogFeatureHubLearning CenterNews & Coverage
© 2025 Lineaje Inc
Terms & Conditions
Privacy Policy