Please turn on your JavaScript for this page to function normally.
open source
The double-edged sword of open-source software

The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming …

tools
Security beyond software: The open source hardware security evolution

Mention IT security, and most people immediately think of software-based protections against software-based threats: ransomware, viruses, and other forms of malware. But …

Kubernetes
Implementing a zero-trust system that uses workload identity across a service mesh in Kubernetes

In this Help Net Security video, Michael Peters, Principal Software Engineer at Red Hat, discusses how to implement a zero-trust system that uses workload identity across a …

Google package
Google delivers secure open source software packages

Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev …

Kodi
Kodi forum breach: User data, encrypted passwords grabbed

The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. What happened? The breach did not happen due to a …

npm
Flood of malicious packages results in NPM registry DoS

Attackers are exploiting the good reputation and “openness” of the popular public JavaScript software registry NPM to deliver malware and scams, but are also …

Kevin Muller
Passbolt: Open-source password manager for security-conscious organizations

In this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager …

OSC&R
OSC&R open software supply chain attack framework now on GitHub

OSC&R (Open Software Supply Chain Attack Reference) is an open framework for understanding and evaluating software supply chain security threats. It has received the …

ChatGPT
A bug revealed ChatGPT users’ chat history, personal and billing data

A vulnerability in the redis-py open-source library was at the root of last week’s ChatGPT data leak, OpenAI has confirmed. Not only were some ChatGPT users able to see …

GNOME
GNOME 44 features improved settings panels for Device Security

GNOME 44, code-named Kuala Lumpur, is now available. The GNOME Circle now includes many new apps, and both the Software and Files apps have undergone enhancements. The new …

Amazon Linux 2023
Amazon Linux 2023: Create and execute cloud-based applications with enhanced security

AWS has been offering Amazon Linux, a cloud-optimized Linux distribution, since 2010. This distribution’s latest version is now available. Amazon Linux 2023 is provided …

fix
We can’t wait for SBOMs to be demanded by regulation

Old ads can be startling—cigarette ads used to boast their health-giving properties, sugar-laden candy was once advertised as a dietary aid, and soft drinks were advertised as …

Don't miss

Cybersecurity news