open source
The double-edged sword of open-source software
The lack of visibility into the software supply chain creates an unsustainable cycle of discovering vulnerabilities and weaknesses in software and IT systems, overwhelming …
Security beyond software: The open source hardware security evolution
Mention IT security, and most people immediately think of software-based protections against software-based threats: ransomware, viruses, and other forms of malware. But …
Implementing a zero-trust system that uses workload identity across a service mesh in Kubernetes
In this Help Net Security video, Michael Peters, Principal Software Engineer at Red Hat, discusses how to implement a zero-trust system that uses workload identity across a …
Google delivers secure open source software packages
Google has announced the Google Cloud Assured Open Source Software (Assured OSS) service, which aims to be a trusted source of secure open source packages, and the deps.dev …
Kodi forum breach: User data, encrypted passwords grabbed
The developers of Kodi, the widely used open-source media player app, have revealed a data breach of its user forum. What happened? The breach did not happen due to a …
Flood of malicious packages results in NPM registry DoS
Attackers are exploiting the good reputation and “openness” of the popular public JavaScript software registry NPM to deliver malware and scams, but are also …
Passbolt: Open-source password manager for security-conscious organizations
In this Help Net Security interview, Kevin Muller, CEO at Passbolt, delves into the critical concerns linked to password usage, outlines how the Passbolt password manager …
OSC&R open software supply chain attack framework now on GitHub
OSC&R (Open Software Supply Chain Attack Reference) is an open framework for understanding and evaluating software supply chain security threats. It has received the …
A bug revealed ChatGPT users’ chat history, personal and billing data
A vulnerability in the redis-py open-source library was at the root of last week’s ChatGPT data leak, OpenAI has confirmed. Not only were some ChatGPT users able to see …
GNOME 44 features improved settings panels for Device Security
GNOME 44, code-named Kuala Lumpur, is now available. The GNOME Circle now includes many new apps, and both the Software and Files apps have undergone enhancements. The new …
Amazon Linux 2023: Create and execute cloud-based applications with enhanced security
AWS has been offering Amazon Linux, a cloud-optimized Linux distribution, since 2010. This distribution’s latest version is now available. Amazon Linux 2023 is provided …
We can’t wait for SBOMs to be demanded by regulation
Old ads can be startling—cigarette ads used to boast their health-giving properties, sugar-laden candy was once advertised as a dietary aid, and soft drinks were advertised as …
Featured news
Sponsored
Don't miss
- Finding software flaws early in the development process provides ROI
- Zero-day exploitation surged in 2023, Google finds
- NHS Scotland confirms ransomware attackers leaked patients’ data
- Patch actively exploited Microsoft SharePoint bug, CISA orders federal agencies (CVE-2023-24955)
- Debunking compliance myths in the digital era