Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
Integrating proprietary and open-source code, APIs, user interfaces, application behavior, and deployment workflows creates an intricate composition in modern applications. Any vulnerabilities within this software supply chain can jeopardize your and your customers’ safety. In this Help Net Security video, Tim Mackey, Head of Software Supply Chain Risk Strategy at Synopsys, discusses supply chain security […]
Continue ReadingRed Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain. The post Red Hat Pushes New Tools to Secure Software Supply Chain appeared first on SecurityWeek.
Continue ReadingIn this Help Net Security interview, we meet a prominent industry leader. Brian Behlendorf, CTO at the Open Source Security Foundation (OpenSSF), shares insights on the influence of his experiences with the White House CTO office, World Economic Forum, and Linux Foundation on leading the OpenSSF and addressing open-source security challenges. Behlendorf discusses the trajectory […]
Continue ReadingA vulnerability (CVE-2023-32784) in the open-source password manager KeePass can be exploited to retrieve the master password from the software’s memory, says the researcher who unearthed the flaw. The bad news is that the vulnerability is still unfixed and that a PoC exploitation tool – aptly named KeePass 2.X Master Password Dumper – is publicly […]
Continue ReadingVous avez déjà entendu parler de la conversion de texte en image. Mais avez-vous déjà entendu parler de la conversion de texte en animation ?
Continue ReadingLe groupe financier BPCE entend valoriser ses développeurs et ses expertises stratégiques en accélérant sur l’open source. Déjà membre du TOSIT, BPCE ouvre donc du code. Et promis, cette démarche s’inscrit dans la durée.
Continue ReadingA new risk emerges in the digital era, where open-source software has become a fundamental pillar in developing innovative applications. The threat? Malicious open-source components. In this Help Net Security video, Henrik Plate, Lead Security Researcher at Endor Labs, discusses the dual-edged nature of open-source software. While it has long been celebrated for its collaborative […]
Continue ReadingOpenSSF has added four new members and is receiving $5 million in funding for its Alpha-Omega open source software security project. The post OpenSSF Receives $5 Million for Open Source Software Security Project appeared first on SecurityWeek.
Continue ReadingLa dernière version du noyau Linux présente des améliorations en matière de sécurité, de vitesse et de puissance pour les architectures Intel, AMD, ARM et RISC-V.
Continue ReadingGitHub is making push protection – a security feature designed to automatically prevent the leaking of secrets to repositories – free for owners of all public repositories. Previously, the feature was available only for private repositories with a GitHub Advanced Security license. This wider availability is aimed at helping developers and maintainers across open source […]
Continue Reading