open source
Dependency Combobulator: Open source toolkit to combat dependency confusion attacks
Apiiro released Dependency Combobulator, a modular and extensible open source toolkit to detect and prevent dependency confusion attacks. The toolkit, available on GitHub, …
Trojan Source bugs may lead to extensive supply-chain attacks on source code
Cambridge University researchers have detailed a new way targeted vulnerabilities can be introduced into source code while making them invisible to human code reviewers, …
Regulation fatigue: A challenge to shift processes left
Recent high-profile supply chain attacks have heightened the need for increased regulation of the open-source community. In the U.S., for example, President Biden’s …
Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …
ThreatMapper: Open source platform for scanning runtime environments
Deepfence announced open source availability of ThreatMapper, a signature offering that automatically scans, maps and ranks application vulnerabilities across serverless, …
KuberLogic open-source platform turns infrastructure into a managed PaaS
CloudLinux launched a new open-core project – KuberLogic – software that allows DevOps to set up scalable, self-healing PaaS on top of your Kubernetes cluster. Available on …
Apache OpenOffice users should upgrade to newest security release!
The Apache Software Foundation (ASF) has released Apache OpenOffice 4.1.11, which fixes a handful of security vulnerabilities, including CVE-2021-33035, a recently revealed …
Securing Kubernetes as it becomes mainstream
In this interview with Help Net Security, Shauli Rozen, CEO at ARMO, talks about securing Kubernetes (K8s) systems, what makes them susceptible to cyberattacks and what should …
Open source cyberattacks increasing by 650%, popular projects more vulnerable
Sonatype released a report that revealed continued strong growth in open source supply and demand dynamics. Further, with regard to open source security risks, the report …
Kali Linux 2021.3 released: Kali NetHunter on a smartwatch, wider OpenSSL compatibility, new tools, and more!
Offensive Security has released Kali Linux 2021.3, the latest version of its popular open source penetration testing platform. You can download it or upgrade to it. Kali Linux …
OpenSSL 3.0: A new FIPS module, new algorithms, support for Linux Kernel TLS, and more
The OpenSSL Project has released OpenSSL 3.0, a major new stable version of the popular and widely used cryptography library. What is OpenSSL? OpenSSL contain an open-source …
Building for transactional workloads is the primary concern around deploying Kubernetes
Research conducted by Cockroach Labs and Red Hat shows 94% of organizations surveyed deploy services and applications on Kubernetes — but how they deploy varies widely. The …
Featured news
Resources
Don't miss
- LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
- The architecture of subtraction: Why it’s time to erase the roads, not just map the traffic
- Treating AI agents like service accounts for federated query security
- Malware ships with bugs that defenders could use against it
- Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)