The update for the Mozilla Firefox browser to version 184.108.40.206 does not remove all of the vulnerabilities disclosed in the changelog, and the update introduces some new bugs.more »
Two protocol handlers give attackers the ability to inject malicious code into X Font Server (XFS). Linux systems are only vulnerable to local attacks. The X Font Server is not accessible over networks by default.more »
A Red Hat update has just been released to close various vulnerabilities in the Xen virtualization solution, one of which was caused by an error in a Python script.more »
An unknown software researcher discovered a highly critical vulnerability in the Star Office package. Manufacturer Sun has released patches to resolve the issue.more »
Four bugs have been discovered in the free Image Magick image manipulation Software and classified as highly critical by several security research services. A new version closes the security holes.more »
The KDE Display Manager (KDM) can be exploited to allow users to log in without a password. This would give users the ability to log in as other users or even root.more »
A moderately critical vulnerability was discovered in the QUtf8Decoder of Trolltech's Qt Framework.more »
The latest version of Samba, 3.0.26, removes a moderately critical vulnerability that only occurs in combination with Microsoft's Active Directory Service.more »
Mozilla’s product think tank sinks silently into history.
TODO group will focus on open source tools in large-scale environments.
New tool will look like GParted but support a wider range of storage technologies.
New public key pinning feature will help prevent man-in-the-middle attacks.
Carnegie Mellon researchers say 3 million pages could fall down the phishing hole in the next year.
The US government rolls new best-practice rules for protecting SSH.
Klaus Knopper announces the latest version of his iconic Live Linux system.
All websites that use these popular CMS tools could be vulnerable to denial of service attacks if users don't install the updates.
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.