Menu

Latest articles

Legacy TLS tour continues with Exchange Online blocking old versions from July 2026
CISA flags data-theft bug in NSA-built OT networking tool
GitHub: Woah, a genuinely helpful AI-assisted bug report that isn’t total slop. Here, Wiz, take this wad of cash
Several security issues were fixed in OpenSSH.
An update that solves two vulnerabilities and has one security fix can now be installed.
Alleged Silk Typhoon hacker extradited to the United States to face charges
Multiple vulnerabilities where identified in polkit, a toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes. CVE-2021-4115 Kevin Backhouse of GitHub Security Lab (GHSL) found that there is a
EU waves through open source age-check tool to keep kids safe online
Critical GitHub RCE bug exposed millions of repositories
PackageKit could be made to install packages as the administrator.
Oracle NetSuite announces AI coding skills for SuiteCloud developers
GoDaddy customer claims registrar transferred 27-year-old domain without any security checks
A new challenge for software product managers
Why it’s so hard to create stand-alone Python apps
An update that solves 14 vulnerabilities and has five security fixes can now be installed.
An update that solves 14 vulnerabilities and has five security fixes can now be installed.
30 ClawHub skills secretly turn AI agents into a crypto swarm
More fake extensions linked to GlassWorm found in Open VSX code marketplace
https://security-tracker.debian.org/tracker/DSA-6236-1
https://security-tracker.debian.org/tracker/DSA-6237-1
https://security-tracker.debian.org/tracker/DSA-6231-1
Don’t pay Vect a ransom – your data’s likely already wiped out
Kernel Hardening Trends: Whats Changing in Upstream Security Controls
Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak
Important: gdk-pixbuf2 security update
Important: firefox security update
Important: kernel security update
Important: sudo security update
Important: grafana security update
Important: firefox security update
GitHub shifts Copilot to usage-based billing, signaling a new cost model for enterprise AI tools
Xiaomi releases MIT‑licensed MiMo models for long‑running AI agents
OpenAI’s Symphony spec pushes coding agents from prompts to orchestration
SUSE’s sovereignty pitch meets an inconvenient $6 billion question
Enterprise AI is missing the business core
The front-end architecture trilemma: Reactivity vs. hypermedia vs. local-first apps
French police arrest 21-year-old “HexDex” hacker over 100 alleged data breaches
https://security-tracker.debian.org/tracker/DSA-6232-1
https://security-tracker.debian.org/tracker/DSA-6233-1
https://security-tracker.debian.org/tracker/DSA-6234-1
https://security-tracker.debian.org/tracker/DSA-6235-1
Ongoing supply-chain attack ‘explicitly targeting’ security, dev tools
Medical and utility tech companies hacked by digital intruders
Several security issues were fixed in nginx.
Pillow could be made to crash if it opened a specially crafted file.
HAProxy could be made to expose sensitive information over the network.
Little CMS could be made to crash or run programs if it opened a specially crafted ICC profile.
ClamAV could be made to crash if it opened a specially crafted HTML file.
Several security issues were fixed in strongSwan.
Ubuntu PackageKit Critical Local Privilege Escalation CVE-2026-41651