Tag: Open Source Software
-
GitLab fixes critical SSO bypass vulnerabilities in update
The signature verification for the SSO system could be bypassed by using a specially crafted XML input, essentially allowing the attacker …
-
LibreOffice downloads on the rise as users look to avoid subscription costs
Interest in LibreOffice, the open-source alternative to Microsoft Office, is on the rise, with weekly downloads of its software package …
-
EFF In Conversation With Ron Deibert on Chasing Shadows
Join EFF’s Cindy Cohn and Eva Galperin in conversation with Ron Deibert of the University of Toronto’s Citizen Lab, to discuss Ron’s …
-
OpenSSF Publishes Security Framework for Open Source Software
The Open Source Security Foundation (OpenSSF) has claimed a “significant milestone” after releasing a new set of best practices …
-
Week in review: PostgreSQL 0-day exploited in US Treasury hack, top OSINT books to learn from
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: A PostgreSQL zero-day was also …
-
Critical OpenSSH Vulnerabilities Expose Users to MITM and DoS Attacks
Two critical OpenSSH vulnerabilities discovered! Qualys TRU finds client and server flaws (CVE-2025-26465 & CVE-2025-26466) enabling MITM …
-
OpenSSH Flaws Expose Systems to Critical Attacks
Two significant security vulnerabilities in networking utility OpenSSH have been uncovered by security researchers. These flaws, identified …
-
FreSSH bugs undiscovered for years threaten OpenSSH security
Researchers can disclose two brand-new vulnerabilities in OpenSSH now that patches have been released. Qualys discovered the bugs in …
-
Critical PostgreSQL bug tied to zero-day attack on US Treasury
A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US …
-
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
Threat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support …
-
7-Zip 0-Day Flaw Added to CISA’s List of Actively Exploited Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical 0-day vulnerability affecting the popular file …
-
7-Zip 0-day was exploited in Russia’s ongoing invasion of Ukraine
Researchers said they recently discovered a zero-day vulnerability in the 7-Zip archiving utility that was actively exploited as part of …
●●●