open source
New Open Source Security Foundation wants to improve open source software security
The Linux Foundation announced the formation of the Open Source Security Foundation (OpenSSF), a cross-industry collaboration that brings together leaders to improve the …
Bug in widely used bootloader opens Windows, Linux devices to persistent compromise
A vulnerability (CVE-2020-10713) in the widely used GRUB2 bootloader opens most Linux and Windows systems in use today to persistent compromise, Eclypsium researchers have …
DeimosC2: Open source tool to manage post-exploitation issues
TEAMARES launched DeimosC2, addressing the market need for a cross-compatible, open source Command and Control (C2) tool for managing compromised machines that includes mobile …
REMnux toolkit for malware analysis version 7 released
REMnux is a popular Linux-based toolkit for reverse-engineering malicious software which malware analysts have been relying on for more than 10 years to help them quickly …
A look at modern adversary behavior and the usage of open source tools in the enterprise
Leszek Miś is the founder of Defensive Security, a principal trainer and security researcher with over 15 years of experience. Next week, he’s running an amazing online …
Elasticsearch security: Understand your options and apply best practices
The ever-escalating popularity of Elasticsearch – the distributed open source search and log analytics engine that has become a staple in enterprise application developers’ …
New vulnerabilities in open source packages down 20% compared to last year
New vulnerabilities in open source packages were down 20% compared to last year suggesting security of open source packages and containers are heading in a positive direction, …
2019 was a record year for OSS vulnerabilities
Total vulnerabilities in OSS more than doubled in 2019 from 421 Common Vulnerabilities and Exposures (CVEs) in 2018 to 968 last year, according to a RiskSense report. Top 10 …
Cooking up secure code: A foolproof recipe for open source
The use of open source code in modern software has become nearly ubiquitous. It makes perfect sense: facing ever-increasing pressures to accelerate the rate at which new …
New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows
With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating …
How secure are open source libraries?
Seven in 10 applications have a security flaw in an open source library, highlighting how use of open source can introduce flaws, increase risk, and add to security debt, a …
Eye-opening statistics about open source security, license compliance, and code quality risk
99% of commercial codebases contain at least one open source component, with open source comprising 70% of the code overall, according to Synopsys. Open source components and …
Featured news
Resources
Don't miss
- What Cloudflare’s 2025 internet review says about attacks, outages, and traffic shifts
- Update your Apple devices to fix actively exploited vulnerabilities! (CVE-2025-14174, CVE-2025-43529)
- Kali Linux 2025.4: New tools and “quality-of-life” improvements
- How researchers are teaching AI agents to ask for permission the right way
- Prometheus: Open-source metrics and monitoring systems and services