{"id":2188,"date":"2025-12-15T11:59:57","date_gmt":"2025-12-15T14:59:57","guid":{"rendered":"https:\/\/hackerrangers.siteup.dev\/?p=2188"},"modified":"2025-12-15T11:59:57","modified_gmt":"2025-12-15T14:59:57","slug":"the-growing-risk-of-open-source-code-and-libraries","status":"publish","type":"post","link":"https:\/\/hackerrangers.siteup.dev\/es\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/","title":{"rendered":"The growing risk of using open-source code and open libraries"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The developer community has widely adopted open-source libraries and free-to-use APIs because they are easy to access, flexible, and enable collaboration among members of the industry. These tools provide a wide range of prebuilt functionality, saving developers time and effort on their projects. However, the widespread adoption of these resources has also increased the number of cyber risks associated with them.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">According to a survey conducted by Synopsys, 97% of existing applications use at least one piece of an open-source project, and 90% of corporations use this type of resource in commercial products aimed at end customers, whether B2B (business) or B2C (individuals). 
The idea is to speed up the development pipeline, automating much of the work developers do by using features and resources that already exist.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Unfortunately, cybercriminals have also spotted this trend and are taking advantage of it, raising a warning flag about the need to use open-source code more consciously.<\/span><\/p>\n<h2><b>Poisoning the well<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">One of the main concerns about using open-source libraries and APIs is that they may contain unknown vulnerabilities and security flaws. Because these resources are open by nature, anyone can contribute code, which means there is not always rigorous control over security quality. Attackers can exploit an undetected vulnerability in an open-source library to compromise the security of a system or application that uses it.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Another critical point is the complexity of the dependencies between libraries and APIs. Often, a piece of software depends on several open-source libraries which, in turn, may depend on other libraries. This creates a chain of trust in which any vulnerability in one library can propagate to other parts of the system. In addition, developers commonly fail to update their libraries and dependencies regularly, leaving the system vulnerable to threats that are known and already fixed.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Finally, we must be concerned about the possibility of malicious code being included. 
Although most contributions are legitimate and well-intentioned, a malicious developer who sets out to poison projects can introduce compromised code into a library, which is then widely distributed among its users. In addition, criminals can exploit APIs to carry out code-injection attacks, such as SQL injection or cross-site scripting (XSS), compromising the integrity of systems.<\/span><\/p>\n<h2><b>Best-practice tips<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Faced with these risks, it is essential to adopt security measures to mitigate cyber threats. Some good practices include:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">evaluate the reputation and the developer community of the library or API before adopting it;<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">keep all libraries and dependencies up to date, applying security patches regularly;<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">perform security audits on the source code of open-source libraries;<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">implement appropriate access control and authentication mechanisms in open APIs;<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">use static code analysis tools and vulnerability scans to identify potential security problems;<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">establish code review policies and rigorous testing for all libraries and APIs that are used.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">With a few simple measures, it is possible to enjoy the benefits of these resources consciously and safely without putting your entire development chain at risk.<\/span><\/p>","protected":false},"excerpt":{"rendered":"<p>Open-source libraries and free-to-use APIs have been widely adopted by the developer community thanks to their ease of access, flexibility, and collaboration among industry members. These tools provide a wide range of pre-developed functionalities, saving programmers time and effort on their projects. However, the widespread adoption of these resources has also led to an increase [&hellip;]<\/p>\n","protected":false},"author":4009,"featured_media":2189,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"content-type":"","inline_featured_image":false,"footnotes":""},"categories":[23],"tags":[64,132,131],"class_list":["post-2188","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-open-source","tag-open-source-libraries"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.9 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>The growing risk of open-source code and libraries | Hacker Rangers<\/title>\n<meta name=\"description\" content=\"Explore the growing security risks of open-source code and libraries, and learn best practices to safely use APIs and dependencies .\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"The growing risk of open-source code and libraries | Hacker Rangers\" \/>\n<meta property=\"og:description\" content=\"Explore the growing security 
risks of open-source code and libraries, and learn best practices to safely use APIs and dependencies .\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hackerrangers.siteup.dev\/es\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/\" \/>\n<meta property=\"og:site_name\" content=\"Hacker Rangers\" \/>\n<meta property=\"article:published_time\" content=\"2025-12-15T14:59:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/hackerrangers.siteup.dev\/wp-content\/uploads\/2025\/12\/open-source-libraries.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"1000\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Hacker Rangers\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"Hacker Rangers\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/\"},\"author\":{\"name\":\"Hacker Rangers\",\"@id\":\"https:\/\/hackerrangers.siteup.dev\/#\/schema\/person\/3e152a5bd1004506e37a9342cdd34c61\"},\"headline\":\"The growing risk of open-source code and 
libraries\",\"datePublished\":\"2025-12-15T14:59:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/\"},\"wordCount\":486,\"publisher\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/#organization\"},\"image\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/hackerrangers.siteup.dev\/wp-content\/uploads\/2025\/12\/open-source-libraries.png\",\"keywords\":[\"cybersecurity\",\"open-source\",\"open-source libraries\"],\"articleSection\":[\"Cybersecurity\"],\"inLanguage\":\"es\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/\",\"url\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/\",\"name\":\"The growing risk of open-source code and libraries | Hacker Rangers\",\"isPartOf\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/hackerrangers.siteup.dev\/wp-content\/uploads\/2025\/12\/open-source-libraries.png\",\"datePublished\":\"2025-12-15T14:59:57+00:00\",\"description\":\"Explore the growing security risks of open-source code and libraries, and learn best practices to safely use APIs and dependencies 
.\",\"breadcrumb\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/#breadcrumb\"},\"inLanguage\":\"es\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/#primaryimage\",\"url\":\"https:\/\/hackerrangers.siteup.dev\/wp-content\/uploads\/2025\/12\/open-source-libraries.png\",\"contentUrl\":\"https:\/\/hackerrangers.siteup.dev\/wp-content\/uploads\/2025\/12\/open-source-libraries.png\",\"width\":1500,\"height\":1000,\"caption\":\"open source libraries\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/hackerrangers.siteup.dev\/cybersecurity\/the-growing-risk-of-open-source-code-and-libraries\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"In\u00edcio\",\"item\":\"https:\/\/hackerrangers.siteup.dev\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"The growing risk of open-source code and libraries\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/hackerrangers.siteup.dev\/#website\",\"url\":\"https:\/\/hackerrangers.siteup.dev\/\",\"name\":\"Hacker Rangers\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/hackerrangers.siteup.dev\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"es\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/hackerrangers.siteup.dev\/#organization\",\"name\":\"Hacker 
Rangers\",\"url\":\"https:\/\/hackerrangers.siteup.dev\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"es\",\"@id\":\"https:\/\/hackerrangers.siteup.dev\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/hackerrangers.siteup.dev\/wp-content\/uploads\/2025\/07\/logo.svg\",\"contentUrl\":\"https:\/\/hackerrangers.siteup.dev\/wp-content\/uploads\/2025\/07\/logo.svg\",\"width\":104,\"height\":50,\"caption\":\"Hacker Rangers\"},\"image\":{\"@id\":\"https:\/\/hackerrangers.siteup.dev\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/hackerrangers.siteup.dev\/#\/schema\/person\/3e152a5bd1004506e37a9342cdd34c61\",\"name\":\"Hacker Rangers\",\"url\":\"https:\/\/hackerrangers.siteup.dev\/es\/author\/hackerrangers\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","_links":{"self":[{"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/posts\/2188","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/users\/4009"}],"replies":[{"embeddable":true,"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/comments?post=2188"}],"version-history":[{"count":0,"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/posts\/2188\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/media\/2189"}],"wp:attachment":[{"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/media?parent=2188"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/categories?post=2188"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hackerrangers.siteup.dev\/es\/wp-json\/wp\/v2\/tags?post=2188"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}