Researchers uncover rare, difficult-to-exploit OpenSSH vulnerability
The OpenSSH bug represents the latest high-profile vulnerability to affect the open-source software ecosystem.
Advertisement
open source
Six-year old bug will likely live forever in Lenovo, Intel products
A report from Binarly finds that a silently patched bug in a popular web server will likely live on in several major end-of-life products.
Supply chain attack sends shockwaves through open-source community
An operation to undermine the software utility XZ Utils has exposed the fragile human foundations on which the modern internet is built.
ONCD releases report on the adoption of memory-safe languages
The effort is aimed at reducing one of the most common vulnerabilities that plague software.
White House releases report on securing open-source software
End-of-year report highlights work from Open-Source Software Security Initiative and targets going forward.
CISA urges vendors to get rid of default passwords
Cybersecurity officials also issued new guidance on open source software through secure-by-design practices.
Advertisement
How the use of open-source AI models for malicious intent threatens federal agencies
August Schell’s Jeremy Corey emphasizes the value of security partnerships as cyberthreat actors look to leverage open-source AI models to elevate their attacks.
Long-awaited curl vulnerability flops
The flaw in the widely used open source software package was expected to be the next great catastrophe in computer security.
Washington summit grapples with securing open source software
The second open source security summit saw a number of the biggest names in tech gather to discuss how to protect open source software.
Congress looks to expand CISA’s role, adding responsibilities for satellites and open source software
Lawmakers advanced four on Wednesday that would broaden the Cybersecurity and Infrastructure Security Agency's portfolio.