SEARCH
Archive
GitHub Beefs Up Code Scanning With Semmle
Keeping software secure isn't just the developer's job. GitHub is strengthening its ecosystem with tools for developers, researchers, and project maintainers to identify and fix software vulnerabilities.
Open Source Software Needs Funding, Not Bug Bounty Programs
Bug bounty programs fill a need, but the European Union's offer to pay bug bounties for vulnerabilities in open source forgets one thing: projects don't need more flaws. Open source projects need people to fix the flaws.
Critical Kubernetes Bug Gives Anyone Full Admin Privileges
With a 9.8 rating on the Common Vulnerability Scoring System, the privilege escalation flaw in container orchestration system Kubernetes is as bad as it can get. Any user will be able to remotely gain full administrator privileges on any node in the cluster.
Netflix Releases Stethoscope Desktop App to Check Device Health
Netflix has released a desktop version of its open source Stethoscope security health check tool, which provides detailed information on how to fix security issues on a device.