-
+17 +3
Vulnerabilities for AI and ML Applications are Skyrocketing
In their haste to deploy LLM tools, organizations may overlook crucial security practices. The rise in threats like Remote Code Execution indicates an urgent need to improve security measures in AI development.
-
+20 +4
OpenSSF warns of Open Source Social Engineering Threats
What are the trust best practices? We honestly don't know yet. But, if we're to trust our open source projects, we must figure it out.
-
+19 +6
Roku: Credential Stuffing Attacks Affect 591,000 Accounts
Almost 600,000 Roku customers had their accounts hacked through two credential-stuffing attacks several weeks apart.
-
+33 +2
Meet the System Package Data Exchange: SPDX 3.0, with Profiles
The latest version of the newly renamed System Package Data Exchange (SPDX) was announced Tuesday at Open Source Summit North America.
-
+33 +2
Outlook is Microsoft’s new data collection service
The new Outlook now appears to be a data collection service for Microsoft’s 801 external partners for targeted advertising.
-
+17 +2
Locking down container security once and for all with Rust-based Edera
This new open-source project built on the Xen hypervisor will bring a new level of security to containers.
-
+40 +3
This backdoor almost infected Linux everywhere: The XZ Utils close call
For the first time, an open-source maintainer put malware into a key Linux utility. We're still not sure who or why - but here's what you can do about it.
-
+35 +7
KubeCon24: Red Hat OpenShift 4.15 Accelerates App Delivery
Grounded in Kubernetes 1.28 and CRI-O 1.28, OpenShift is Red Hat's platform for hybrid cloud and edge application development.
-
+35 +4
Malicious Code in Linux xz Libraries Endangers SSH
Most users won't be affected by this malware, but if it had gone undetected for a few more months, everyone using Linux would have faced their biggest security disaster ever.
-
+33 +4
Number of data breaches falls globally, triples in the US
The Global data breach statistics report comes from Surfshark, which counts every leaked email address used to register for online services as a separate user account.
-
+37 +4
Python Users: BIPClip Is After Your Bitcoin Wallet, Via PyPI
Python Package Index (PyPI) packages found hiding Bitcoin wallet hacking tools.
-
+42 +2
SUSE Upgrades Its Rancher Kubernetes Management Family
The new features are designed to empower platform engineering teams to offer developers self-service capabilities alongside bolstered support for AI workloads.
-
+36 +3
NVD slowdown leaves thousands of vulns without analysis data
Security world reacts as NIST does a lot less of oft criticized, 'almost always thankless' work
-
+32 +5
The Linux Foundation and its partners are working on cryptography for the post-quantum world
Quantum computing is very much a mixed blessing.
-
+30 +3
Linux gets into the CVE security business
The Linux kernel developers are now issuing their own, more accurate Common Vulnerabilities and Exposures security bulletins.
-
+36 +2
White House Warns Against Using Memory-Unsafe Languages
The White House's Office of the National Cyber Director urges developers to move to memory-safe languages such as Rust as soon as possible.
-
+31 +2
The S in IoT stands for security
All too many 'smart' devices are security stupid
-
+30 +7
Post-Quantum Resilience for Security Keys
We introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium. Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is broken, thus being resistant to classical and quantum attacks.
-
+38 +5
Clouds vs cryptominers
It doesn't get the headlines of complete cloud failures, but criminal cryptominers such as TeamTNT quietly steal away your cloud resources every day.
-
+36 +6
Australian Government, Of All Places, Says Age Verification Is A Privacy & Security Nightmare
In the past I’ve sometimes described Australia as the land where internet policy is completely upside down. Rather than having a system that protects intermediaries from liability for third party c…