open source
GitHub Code Scanning aims to prevent vulnerabilities in open source software
GitHub has made available two new security features for open and private repositories: code scanning (as a GitHub-native experience) and secret scanning (both still in beta). …
SaltStack Salt vulnerabilities actively exploited by attackers, patch ASAP!
Two vulnerabilities in SaltStack Salt, an open-source remote task and configuration management framework, are being actively exploited by attackers, CISA warns. About …
Spotting and blacklisting malicious COVID-19-themed sites
Since last December, over 136,000 new COVID-19-themed domains have popped up and, while many host legitimate websites, others have been set up to serve malware, phishing …
Mozilla will fund open source COVID-19-related technology projects
Have you come up with hardware or software that can help solve a problem that arose from COVID-19 and its worldwide spread? Mozilla is offering up to $50,000 to open source …
Millions of routers running OpenWRT vulnerable to attack
A vulnerability (CVE-2020-7982) discovered in the package manager of the OpenWRT open source operating system could allow attackers to compromise the embedded and networking …
2020 cybersecurity risks: Insecure security tools, supply chains, abandonware
Considerable time and money are invested into looking for dangerous vulnerabilities in the most commonly used elements of IT infrastructure. Popular operating systems, …
Number of open source vulnerabilities surged in 2019
The number of disclosed open source software vulnerabilities in 2019 reached over 6000, up from just over 4,000 in 2018, a new WhiteSource report says. “This can be …
PPP Daemon flaw opens Linux distros, networking devices to takeover attacks
A vulnerability (CVE-2020-8597) in the Point-to-Point Protocol Daemon (pppd) software, which comes installed on many Linux-based and Unix-like operating systems and networking …
Microsoft releases PowerShell 7 for Windows, macOS and Linux
Microsoft has released PowerShell 7, the latest major update to its popular task automation tool and configuration management framework that can be used on various operating …
Kali Linux evolution: What’s next for the open source pentesting Linux distro?
When the popular security-focused BackTrack Linux distribution was redesigned from the ground up and given the name Kali Linux nearly seven years ago, I remember thinking that …
A new RCE in OpenSMTPD’s default install, patch available
Less than a month after the patching of a critical RCE flaw in OpenSMTPD, OpenBSD’s mail server, comes another call to upgrade to the latest version, as two additional …
OpenDXL Ontology: An open source language for connecting cybersecurity tools
The Open Cybersecurity Alliance (OCA) today announced the availability of OpenDXL Ontology, the first open source language for connecting cybersecurity tools through a common …
Featured news
Resources
Don't miss
- 40 open-source tools redefining how security teams secure the stack
- Password habits are changing, and the data shows how far we’ve come
- Product showcase: Tuta – secure, encrypted, private email
- Henkel CISO on the messy truth of monitoring factories built across decades
- The hidden dynamics shaping who produces influential cybersecurity research