Security News

Can the combined power of the world’s developers possibly improve the iconic Windows Calculator app? Microsoft seems to think so.

Runtime encryption company Fortanix has launched a free and open source software development kit (SDK) for building Intel Software Guard Extensions (SGX) applications.

Researchers from Georgia Tech and Peking University are working on OSSPatcher, a system for automatic patching of vulnerable open source libraries included in mobile applications. Fulfilling a...

Google announced this week that it has open sourced ClusterFuzz, the fuzzing infrastructure it built to help find memory corruption bugs in Chrome.

Still afraid of no ghost? You didn't read the script. Google Project Zero bug-hunter Tavis Ormandy took a "random look at the new release" of Ghostscript, and turned up a vulnerability that works...

The EU is offering "bug bounties on Free Software projects that the EU institutions rely on." Slashdot thread....

After setting up a bug bounty program for VLC Media Player in late 2017, the European Commission (EC) has announced the launch of 14 new ones that will cover other free and open source software...

Rewards on 15 bug bounty programs start at $28,600 and include open source software such as KeePass, FileZilla, Drupal and VLC media player.

As the bug bounty programs begin to roll out in January, security experts worry that the programs miss the mark on truly securing open source projects.

New year, new security fails, new CVE. Happy New Year! Oh, and if you include GNU's wget utility in software you write, pull down the new version released on Boxing Day and push out updates to your users.…