Security News

Still afraid of no ghost? You didn't read the script Google Project Zero bug-hunter Tavis Ormandy took a "random look at the new release" of Ghostscript, and turned up a vulnerability that works...

The EU is offering "bug bounties on Free Software projects that the EU institutions rely on." Slashdot thread....

After setting up a bug bounty program for VLC Media Player in late 2017, the European Commission (EC) has announced the launch of 14 new ones that will cover other free and open source software...

Rewards on 15 bug bounty programs start at $28,600 and include open source software such as KeePass, FileZilla, Drupal and VLC media player.

As the bug bounty programs begin to roll out in January, security experts worry that the programs miss the mark on truly securing open source projects.

New year, new security fails, new CVE Happy New Year! Oh, and if you include GNU's wget utility in software you write, pull down the new version released on Boxing Day and push out updates to your users.…

Maria Loughlin of Veracode on Mitigation StrategiesOpen source components help developers build and deploy applications faster, but with increased speed comes greater risk. Maria Loughlin of...

Wipro Digital and Alfresco expanded global partnership to create, build and run open source based digital transformation programs for its clients, across the globe. The partnership will bring...

A recently discovered piece of malware targeting Mac systems is a combination of two open-source programs, Malwarebytes security researchers warn.  read more

Developers around the world depend on open source components to build their software products. According to industry estimates, open source components account for 60-80% of the code base in modern...