Vulnerabilities Declining in Open Source, But Slow Patching Still a Problem

Even as more code is produced, indirect dependencies continue to undermine security.

You can read the full article here.