open source

Are your connected devices searchable on the Internet?
Despite being a hub for technology talent, Berliners are leaving themselves wide open to cyberattack through poor security practices that are exposing millions of cyber …

PowerDNS patches five security holes in widely used nameserver software
PowerDNS, the company behing the popular open source DNS software of the same name, has pushed out security updates and patches for its Authoritative Server and Recursor …

GitHub starts alerting developers of security vulnerabilities in dependencies
Popular Git repository hosting service GitHub has introduced a new feature to help developers keep their projects safer: security alerts for vulnerabilities in software …

Tor Browser flaw leaks users’ real IP address
The Tor Project has issued an emergency security bugfix release of Tor Browser, to prevent user IP address leakage due to a still unpatched Firefox bug. The bug is present …

FireEye releases open source managed password cracking tool
FireEye has released GoCrack, an open source tool for managing password cracking tasks across multiple machines. “Simply deploy a GoCrack server along with a worker on …

Camera-based, single-step two-factor authentication resilient to pictionary, shoulder surfing attacks
A group of researchers from Florida International University and Bloomberg LP have created Pixie, a camera-based two-factor authentication system that could end up being a …

Ubuntu 17.10 brings enhanced security and productivity for developers
Canonical released Ubuntu 17.10 featuring a new GNOME desktop on Wayland, and new versions of KDE, MATE and Budgie. On the cloud, 17.10 brings Kubernetes 1.8 for hyper-elastic …

The pervasive risk of vulnerable open source components
Veracode announced findings from the 2017 State of Software Security Report, a comprehensive review of application security testing data from scans conducted by a base of more …

Companies turn a blind eye to open source risk
Though open source software (OSS) helps software suppliers be nimble and build products faster, there are hidden software supply chain risks all software suppliers and IoT …

PoC for several Magento vulnerabilities released, update now!
DefenseCode has published proof of concept code for two CSRF and stored XSS vulnerabilities affecting a number of versions of the popular e-commerce platform Magento. Magento …

Widely used DNS forwarder and DHCP server Dnsmasq riddled with flaws
Google researchers have discovered seven serious vulnerabilities in Dnsmasq, a lightweight, widely used DNS forwarder and DHCP server for small computer networks. Dnsmasq is …

The Internet Bug Bounty offers rewards for bugs in data processing libraries
The Internet Bug Bounty (IBB), a project aimed at finding and fixing vulnerabilities in core internet infrastructure and free open source software, has announced that it will …
Featured news
Resources
Don't miss
- NTLM relay attacks are back from the dead
- Africa’s cybersecurity crisis and the push to mobilizing communities to safeguard a digital future
- Google open-sources privacy tech for age verification
- You can’t trust AI chatbots not to serve you phishing pages, malicious downloads, or bad code
- Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)