Menu

Latest articles

The new currency of enterprise velocity
Strengthening the open source supply chain with Red Hat partners
Satellite 6.19 delivers Red Hat Lightspeed on premise security monitoring
Linux Log Analysis: How to Investigate Suspected Log Manipulation During Incident Response
Malicious Go Modules: Securing Your Linux Build Pipeline
https://security-tracker.debian.org/tracker/DSA-6385-1
ESET Threat Report H1 2026 A view of the H1 2026 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts.
EU ‘Chat Control’ snoopfest returns after vote to kill it falls short
GhostApproval: Why Linux Developers Should Audit AI Coding Assistant Permissions
Linux Rootkits Explained: How They Hide and How Defenders Can Respond
Microsoft closes book on Nightmare Eclipse’s RoguePlanet zero-day
Invited to a “job interview” with Netflix or OpenAI? Beware! Your Google password could be at risk
JetBrains seeks to unify fragmented AI-based software development with governance suite
An update that solves one vulnerability can now be installed.
SUSE Dracut Important Command Injection Issue Eased 2026-2803-1
An update that solves one vulnerability can now be installed.
An update that solves three vulnerabilities can now be installed.
Locking Down Linux Network Security with Private Routing Techniques
SpaceXAI launches Grok 4.5, touts lower coding-task costs than AI rivals
Revving up Microsoft’s 10x faster TypeScript 7
Practical challenges in managing Kubernetes at enterprise scale
Three keys to deploying AI agents
Several security issues were fixed in the Linux kernel.
Several security issues were fixed in the Linux kernel.
Security issues were discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure. For Debian 12 bookworm, this problem has been fixed in version 150.0.7871.100-1~deb12u1.
Thief posed as Wi-Fi fixing hero, then stole priceless trophy
This package contains the Perl module CSS::Minifier::XS. Versions of the module before 0.14 have a memory leak when the entire document is minified away (CVE-2026-13593). This update brings version 0.15 which fixes this issue.
Update to opkssh 0.15.0. This release fixes several CVEs in bundled/vendored dependencies: CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH
Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update python-jiter to match. Both packages now use PyO3 0.29, with fixes for RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update python-jiter to match. Both packages now use PyO3 0.29, with fixes for RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
Improve GSS KEX algorithms documentation CVE-2026-55653: Fix double free in openssh DH-GEX client path during FIPS known- group validation that leads to client-side denial of service CVE-2026-55654: Fix heap out-of-bounds read during GSSAPI indicator cleanup due to missing NULL terminator
upower 1.91.3: Feature: up-device-battery: Prefer “Standard” over “Fast” charging (!316 (merged), #344 (closed)) Fix: Resolve potential leaks (!327 (merged)) Fix: Potential out-of-bound access (!328 (merged))
Update to opkssh 0.15.0. This release fixes several CVEs in bundled/vendored dependencies: CVE-2026-39829: golang.org/x/crypto/ssh: Denial of Service via crafted public key with excessive parameters CVE-2026-39835: golang.org/x/crypto/ssh: Denial of Service via crafted SSH
This package contains the Perl module CSS::Minifier::XS. Versions of the module before 0.14 have a memory leak when the entire document is minified away (CVE-2026-13593). This update brings version 0.15 which fixes this issue.
Update to 3.2.0 (final). Update PyO3 to 0.29, fixing RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
Update to 0.3.6; this includes an update to PyO3 0.29, which fixes RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update python-jiter to match. Both packages now use PyO3 0.29, with fixes for RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
Update rust-jiter to 0.16.0, adding a serde Deserializer implementation; update python-jiter to match. Both packages now use PyO3 0.29, with fixes for RUSTSEC-2026-0176 and RUSTSEC-2026-0177.
An update that solves 168 vulnerabilities, contains three features and has 14 security fixes can now be installed.
An update that solves 105 vulnerabilities, contains three features and has 12 security fixes can now be installed.
Smashing Security podcast #475: JadePuffer – the AI that ran a ransomware attack all by itself
GitHub’s public APIs are becoming an enterprise reconnaissance tool
https://security-tracker.debian.org/tracker/DSA-6383-1
https://security-tracker.debian.org/tracker/DSA-6382-1
New xorg-server packages are available for Slackware 15.0 and -current to fix security issues.
New proftpd packages are available for Slackware 15.0 and -current to fix security issues.
New libXfont2 packages are available for Slackware 15.0 and -current to fix security issues.
Suspected Chinese snoops caught breaking into universities’ Roundcube mailservers
mailcap could allow applications to escape sandbox restrictions
Guillaume Winter discovered that pgextwlist, an extension for PostgreSQL implementing a whitelist mechanism for PostgreSQL extensions, was susceptible to SQL injection via crafted schema and user names. For the stable distribution (trixie), this problem has been fixed in version 1.19-1+deb13u1.
An update that solves one vulnerability and has three security fixes can now be installed.