open source
VirtualBox Guest-to-Host escape 0day and exploit released online
Independent vulnerability researcher Sergey Zelenyuk has made public a zero-day vulnerability he discovered in VirtualBox, the popular open source virtualization software …
Apache Struts 2.3.x vulnerable to two year old RCE flaw
The Apache Software Foundation is urging users that run Apache Struts 2.3.x to update the Commons FileUpload library to close a serious vulnerability that could be exploited …
Netflix releases desktop versions of device security app Stethoscope
In early 2017, the Netflix team open sourced Stethoscope, an application that collects information about users’ devices and provides them with recommendations for securing …
Repairnator bot finds software bugs, successfully submits patches
Can a bot create valid, high-quality fixes for software bugs more rapidly than a human can, and get them accepted by human developers and permanently merged in the code base? …
VestaCP users warned about possible server compromise
Unknown attackers have compromised the official distribution of the VestaCP hosting control panel solution to harvest server IPs and admin credentials. That information was …
Regularly updating your wireless router is not enough to ward off attacks
Wireless routers are the most often attacked and exploited type of IoT device. They are also one of the rare IoT devices that most of us can’t do without. We need them …
WWW inventor announces Solid, a push to create a decentralized web users can trust
Tim Berners-Lee, the inventor of the World Wide Web, has not been hiding his disappointment with the direction in which his invention was taken. “The web has evolved …
Are communications service providers confident in open source networking solutions?
The Linux Foundation announced the results of an industry survey to gauge industry perceptions of open source across networking technologies. Top takeaways from the survey …
Downloads of known vulnerable open source components increase 120%
Sonatype today released its fourth annual State of the Software Supply Chain Report, which reveals the widespread use of vulnerable software components by businesses around …
French cybersecurity agency open sources security hardened CLIP OS
After developing it internally for over 10 years, the National Cybersecurity Agency of France (ANSSI) has decided to open source CLIP OS, a Linux-based operating system …
Scan reveals known open source vulnerabilities in popular Android apps
Widespread use of unpatched open source code in popular Android apps is causing significant security vulnerabilities, warns the non-profit American Consumer Institute Center …
Qualys Community Edition: Discover IT assets, manage vulnerabilities, scan web apps
In this podcast recorded at Black Hat USA 2018, Anthony Mogannam, Product Manager, SME/SMB Solutions at Qualys, talks about issues related to open source software and Qualys …
Featured news
Resources
Don't miss
- 7-Zip vulnerability is being actively exploited, NHS England warns (CVE-2025-11001)
- Exam prep hacked: Study tips and tricks that really work
- Stealth-patched FortiWeb vulnerability under active exploitation (CVE-2025-58034)
- Threat group reroutes software updates through hacked network gear
- The long conversations that reveal how scammers work