Security News

Windows Calculator is going open source
2019-03-08 11:46

Can the combined power of the world’s developers possibly improve the iconic Windows Calculator app? Microsoft seems to think so.

Fortanix Releases Open Source SDK for Intel SGX Enclaves
2019-03-06 19:01

Runtime encryption company Fortanix has launched a free and open source software development kit (SDK) for building Intel Software Guard Extensions (SGX) applications. read more

OSSPatcher: Automated mobile application patching for bugs in open source libraries
2019-02-26 11:09

Researchers from the Georgia Tech and Peking University are working on OSSPatcher, a system for automatic patching of vulnerable open source libraries included in mobile applications. Fulfilling a...

Google Open Sources Fuzzing Platform
2019-02-08 15:04

Google announced this week that it has open sourced ClusterFuzz, the fuzzing infrastructure it built to help finding memory corruption bugs in Chrome. read more

World's favourite open-source PDF interpreter needs patching (again)
2019-01-24 13:32

Still afraid of no ghost? You didn't read the script Google Project Zero bug-hunter Tavis Ormandy took a "random look at the new release" of Ghostscript, and turned up a vulnerability that works...

EU Offering Bug Bounties on Critical Open-Source Software
2019-01-09 13:05

The EU is offering "bug bounties on Free Software projects that the EU institutions rely on." Slashdot thread....

EU launches bug bounties on free and open source software
2019-01-07 11:28

After setting up a bug bounty program for VLC Media Player in late 2017, the European Commission (EC) has announced the launch of 14 new ones that will cover other free and open source software...

EU to offer nearly $1m in bug bounties for open-source software
2019-01-04 11:16

Rewards on 15 bug bounty programs start at $28,600 and include open source software such as KeePass, FileZilla, Drupal and VLC media player.

EU Offers Bug Bounties For 14 Open Source Projects
2019-01-02 15:59

As the bug bounty programs begin to roll out in January, security experts worry that the programs miss the mark on truly securing open source projects.

Open-source devs: Wget off your bloated festive behinds and patch this user cred-blabbing bug
2019-01-02 11:36

New year, new security fails, new CVE Happy New Year! Oh, and if you include GNU's wget utility in software you write, pull down the new version released on Boxing Day and push out updates to your users.…