Tag: open-source
-
Open source programming language R patches gnarly arbitrary code exec flaw
in SecurityNews
First seen on theregister.com
Jump to article: www.theregister.com/2024/05/01/r_programming_language_ace_vuln/
-
Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover
in SecurityNews
Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host. The post l…
First seen on securityweek.com
Jump to article: www.securityweek.com/critical-vulnerabilities-in-judge0-lead-to-sandbox-escape-host-takeover/
-
What is the Open-Source Software Security Initiative (OS3I)?
in SecurityNews
The Open-Source Software Security Initiative (OS3I) recently released Securing the Open-Source Software Ecosystem report, which details the members’…
First seen on securityintelligence.com
Jump to article: securityintelligence.com/news/open-source-software-security-initiative/
-
XZ backdoor discovery reveals Linux supply chain attack
in SecurityNews
A maintainer for XZ, a popular open source compression library for Linux distributions, compromised the open source project over the course of two yea…
First seen on techtarget.com
Jump to article: www.techtarget.com/searchsecurity/news/366577602/XZ-backdoor-discovery-reveals-Linux-supply-chain-attack
-
Prompt Fuzzer: Open-source tool for strengthening GenAI apps
in SecurityNews
Prompt Fuzzer is an open-source tool that evaluates the security of your GenAI application’s system prompt against dynamic LLM-based threats. Prompt F…
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2024/04/29/prompt-fuzzer-open-source-genai-applications-security/
-
Typosquatting campaign, malicious packages slam PyPi
in SecurityNews
Threat actors used automated typosquatting attacks to lead victims to malicious Python packages in yet another campaign targeting the open-source soft…
First seen on techtarget.com
Jump to article: www.techtarget.com/searchsecurity/news/366577455/Typosquatting-campaign-malicious-packages-slam-PyPi
-
Open source alert over intentionally placed backdoor
in SecurityNews
A backdoor in the open source XZ Utils data compression library could have led to widespread compromise across the Linux ecosystem – and the community…
First seen on computerweekly.com
Jump to article: www.computerweekly.com/news/366577513/Open-source-alert-over-intentionally-placed-backdoor
-
Debian 12: Redefining Stability and Innovation in Open-Source Operating Systems
in SecurityNews
Debian holds a distinguished position. Recognized as one of the oldest and most trusted distributions within the Linux ecosystem, Debian continues to …
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/04/debian-12-redefining-stability-and-innovation-in-open-source-operating-systems/
-
Grafana Tool Vulnerability Let Attackers Inject SQL Queries
in SecurityNews
The popular open-source platform Grafana, widely used for monitoring and observability, has been found to contain a severe SQL injection vulnerability…
First seen on gbhackers.com
Jump to article: gbhackers.com/grafana-tool-vulnerability/
-
The 10 biggest open-source risks
in SecurityNews
Properly securing open-source components is becoming increasingly important. This OWASP ranking helps keep the essential open-source risks in view…
First seen on csoonline.com
Jump to article: www.csoonline.com/de/a/die-10-groessten-open-source-risiken
-
LSA Whisperer: Open-source tools for interacting with authentication packages
in SecurityNews
LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is cur…
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2024/04/26/lsa-whisperer-open-source-tools-for-interacting-with-authentication-packages/
-
Microsoft Releases New Open-Source Tool for OT Security
in SecurityNews
ICSpector Is Now on GitHub, Scans PLCs, Extracts Info and Detects Malicious Code. Microsoft has released a new open-source security tool to close gaps…
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/microsoft-releases-new-open-source-tool-for-ot-security-a-24961
-
Europe’s Cyber Resilience Act: Redefining open source
in SecurityNews
Amid an increasingly complex threat landscape, we find ourselves at a crossroads where law, technology and community converge. As such, cyber resilien…
First seen on securityintelligence.com
Jump to article: securityintelligence.com/news/cyber-resilience-act-open-source/
-
Open-Source Software Security
in SecurityNews
Open-source software security is crucial in today’s cloud-native world. Learn about vulnerabilities, dependencies, and tools to improve security in th…
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/04/open-source-software-security/
-
Quick Guide to the OWASP OSS Risk Top 10
in SecurityNews
There’s more to open source risk than CVEs!
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/04/quick-guide-to-the-owasp-oss-risk-top-10/
-
Manipulation attempts on open source projects – OpenSSF and OpenJS warn of cyberattacks
in SecurityNews
First seen on security-insider.de
Jump to article: www.security-insider.de/warnung-vor-uebernahme-angriffen-bei-open-source-projekten-a-c875e4e517e7ea27ef3103be4555fc15/
-
Open Source Tool Looks for Signals in Noisy AWS Cloud Logs
in SecurityNews
Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look inside Amazon Web Services events logs for signs of…
First seen on darkreading.com
Jump to article: www.darkreading.com/cloud-security/open-source-tool-looks-signals-in-noisy-aws-cloud-logs
-
6 Top Open-Source Vulnerability Scanners Tools
in SecurityNews
Open-source vulnerability scanners identify security vulnerabilities in apps, networks, and systems. Compare features and functionalities with our gui…
First seen on esecurityplanet.com
Jump to article: www.esecurityplanet.com/applications/open-source-vulnerability-scanners/
-
Critical Apache HugeGraph Flaw Let Attackers Execute Remote Code
in SecurityNews
Security researchers have identified a critical vulnerability in Apache HugeGraph, an open-source graph database tool. This flaw, if exploited, could …
First seen on gbhackers.com
Jump to article: gbhackers.com/critical-apache-hugegraph-flaw/
-
Cloud Console Cartographer: Open-source tool helps security teams transcribe log activity
in SecurityNews
Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioner…
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2024/04/22/cloud-console-cartographer-open-source-tool/
-
Report: Russian Hackers Targeting Ukrainian Soldiers on Apps
in SecurityNews
Russian Hackers Using Open-Source Malware on Popular Messaging Apps, Report Says. Ukraine’s Computer Emergency Response Team is warning in an April re…
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/report-russian-hackers-targeting-ukrainian-soldiers-on-apps-a-24919
-
Protobom: Open-source software supply chain tool
in SecurityNews
Protobom is an open-source software supply chain tool that enables all organizations, including system administrators and software development communi…
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2024/04/19/protobom-open-source-software-supply-chain-tool/
-
Collaborative Scheduling: Enhancing Team Coordination With Open-Source Tools
in SecurityNews
First seen on hackread.com
Jump to article: www.hackread.com/collaborative-scheduling-enhancing-team-coordination-open-source-tools/
-
Damn Vulnerable RESTaurant: Open-source API service designed for learning
in SecurityNews
Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code throug…
First seen on helpnetsecurity.com
Jump to article: www.helpnetsecurity.com/2024/04/17/damn-vulnerable-restaurant-open-source-api-service/
-
Why Understanding Your Open Source Licenses Matters
in SecurityNews
Tags: open-source
Fully understanding open-source licenses is crucial for your projects and organization. Let’s look at where these licenses come from and how they can …
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2024/04/why-understanding-your-open-source-licenses-matters/
-
New open-source project takeover attacks spotted, stymied
in SecurityNews
The OpenJS Foundation has headed off a “credible takeover attempt…
-
Open Source Leaders Warn of XZ Utils-Like Takeover Attempts
in SecurityNews
Tags: open-source
First seen on infosecurity-magazine.com
Jump to article: www.infosecurity-magazine.com/news/open-source-xz-utilslike-takeover/