Please turn on your JavaScript for this page to function normally.
idea
It’s time for a common sense security framework

Privacy Rights Clearinghouse maintains a database of every data breach made public since 2005, and as the total number of records rapidly approaches one billion, board …

FreeRADIUS
Vulnerability opens FreeRADIUS servers to unauthenticated attackers

A vulnerability in the free, open source FreeRADIUS server could be exploited by remote attackers to bypass authentication via PEAP or TTLS. There is currently no indication …

Broken glass
Critical Samba code execution hole plugged, patch ASAP!

The developers of Samba have plugged a critical remote code execution flaw that could allow a malicious client to upload a shared library to a writable share, and then cause …

WordPress
WordPress announces bug bounty program

WordPress Foundation is the latest organization to publicly announce a bug bounty program set up on the HackerOne platform. What’s in scope of the WordPress bug bounty …

fuzzing
Google found over 1,000 bugs in 47 open source projects

In the last five months, Google’s OSS-Fuzz program has unearthed over 1,000 bugs in 47 open source software projects, and it’s ready to integrate even more of …

Handbrake
If you downloaded HandBrake for Mac, you could be infected with Proton RAT

A mirror download server of HandBrake, a popular open source video conversion app for Mac, has been compromised, and the legitimate app .dmg file switched with a Trojanized …

Red Hat containers
Container Health Index: Red Hat’s standard for trusted containers

Red Hat introduced the Container Health Index, which provides a comprehensive image detail of any enterprise container service. The index grades all of Red Hat’s containerized …

SquirrelMail
SquirrelMail opens users to remote code execution

Users of open source webmail software SquirrelMail are open to remote code execution due to a bug (CVE-2017-7692) discovered independently by two researchers. “If the …

Magnify
Top-ranked programming Web tutorials introduce vulnerabilities into software

Researchers from several German universities have checked the PHP codebases of over 64,000 projects on GitHub, and found 117 vulnerabilities that they believe have been …

BlackDuck
Organizations are not effectively dealing with open source security threats

Black Duck conducts hundreds of open source code audits annually, primarily related to Merger & Acquisition transactions. Its Center for Open Source Research & …

danger
Intel’s CHIPSEC can detect CIA’s OS X rootkit

As details about CIA’s hacking capabilities and tools are, bit by bit, popping to the surface, companies are trying to offer users some piece of mind. In the wake of …

Apache Struts
Apache servers under attack through easily exploitable Struts 2 flaw

A critical vulnerability in Apache Struts 2 is being actively and heavily exploited, even though the patch for it has been released on Monday. System administrators are …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released whent there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools