open source
Critical Kubernetes privilege escalation flaw patched, update ASAP!
A critical privilege escalation vulnerability affecting the popular open source cluster management and container orchestration software Kubernetes has been patched on Monday. …
For recent big data software vulnerabilities, botnets and coin mining are just the beginning
The phrase “with great power comes great responsibility” was excellent advice when Ben Parker said it to his nephew Peter, aka Spiderman. It is even more …
Cybersecurity and ethical data management: Getting it right
Data can provide information, information can lead to insight and knowledge, and knowledge is power. It’s no wonder, then, that seemingly everybody in this modern, …
VirtualBox Guest-to-Host escape 0day and exploit released online
Independent vulnerability researcher Sergey Zelenyuk has made public a zero-day vulnerability he discovered in VirtualBox, the popular open source virtualization software …
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …
Netflix releases desktop versions of device security app Stethoscope
In early 2017, the Netflix team open sourced Stethoscope, an application that collects information about users’ devices and provides them with recommendations for securing …
Repairnator bot finds software bugs, successfully submits patches
Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them accepted by human developers and permanently merged in the code base? …
VestaCP users warned about possible server compromise
Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was …
Regularly updating your wireless router is not enough to ward off attacks
Wireless routers are the most often attacked and exploited type of IoT device. They are also one of the rare IoT devices that most of us can’t do without. We need them …
WWW inventor announces Solid, a push to create a decentralized web users can trust
Tim Berners-Lee, the inventor of the World Wide Web, has not been hiding his disappointment with the direction in which his invention was taken. “The web has evolved …
Are communications service providers confident in open source networking solutions?
The Linux Foundation announced the results of an industry survey to gauge industry perceptions of open source across networking technologies. Top takeaways from the survey …
Downloads of known vulnerable open source components increase 120%
Sonatype today released its fourth annual State of the Software Supply Chain Report, which reveals the widespread use of vulnerable software components by businesses around …
Featured news
Resources
Don't miss
- Deploying AI at the edge: The security trade-offs and how to manage them
- Cybercrime forums Cracked and Nulled seized, operators arrested
- SimpleHelp RMM vulnerabilities may have been exploited to breach healthcare orgs
- Zscaler CISO on balancing security and user convenience in hybrid work environments
- ExtensionHound: Open-source tool for Chrome extension DNS forensics