Tag: Open Source
-
Chainguard nabs $140M to secure enterprise applications’ open-source components
Redpoint Ventures, Lightspeed Venture Partners and IVP jointly led the investment. The round, a Series C raise, also included Sequoia …
-
You should probably fix this 5-year-old critical Docker vuln fairly sharpish
Docker is warning users to rev their Docker Engine into patch mode after it realized a near-maximum severity vulnerability had been …
-
New Secure Code Warrior agent enhances secure-by-design approach for application security teams
Agile learning platform startup Secure Code Warrior Ltd. today introduced a new solution that aims to give security leaders visibility …
-
CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting OSGeo GeoServer …
-
CRYSTALRAY Cyber-Attacks Grow Tenfold Using OSS Tools
The Sysdig Threat Research Team (TRT) has revealed significant developments in the activities of the SSH-Snake threat actor. The group, now …
-
GitLab patches 2nd critical pipeline vulnerability in last month
GitLab has patched a second critical vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) that could allow attackers …
-
Severe vulnerabilities addressed by GitLab, others
Numerous severe security issues have been remediated by GitLab, Citrix, and VMware in updates to several of their products, reports The …
-
GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs
GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that …
-
Quantifying the Probability of Flaws in Open Source
Jay Jacobs and I recently delivered an RSA presentation called Quantifying the Probability of Flaws in Open Source. Since many people …
-
Supply chain attack spreads trojanized jQuery packages
Up to 68 malicious iterations of the jQuery software have been distributed across GitHub, npm, and jsDelivr as part of a sophisticated …
-
Mirantis OpenStack for Kubernetes 24.2 automates workload distribution
Mirantis announced Mirantis OpenStack for Kubernetes (MOSK) 24.2 with an exclusive dynamic resource balancer feature that automates …
-
New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk
Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE). …