security
Show HN: Fence – Sandbox CLI commands with network/filesystem restrictions
https://github.com/Use-Tusk/fence
Added 1 week ago
Supply Chain Vuln Compromised Core AWS GitHub Repos & Threatened the AWS Console
https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild
Added 2 weeks ago
Ansible battle tested hardening for Linux, SSH, Nginx, MySQL
https://github.com/dev-sec/ansible-collection-hardening
Added 3 weeks ago
Years-old bugs in open source took out major clouds at risk • The Register
https://www.theregister.com/2025/11/24/fluent_bit_cves/
Added 2 months ago
Shai-Hulud Returns: Over 300 NPM Packages Infected
https://helixguard.ai/blog/malicious-sha1hulud-2025-11-24
Added 2 months ago
Researchers discover security vulnerability in WhatsApp
https://www.univie.ac.at/en/news/detail/forscherinnen-entdecken-grosse-sicherheitsluecke-in-whatsapp
Added 2 months ago
Azure hit by 15 Tbps DDoS attack using 500k IP addresses
https://www.bleepingcomputer.com/news/microsoft/microsoft-aisuru-botnet-used-500-000-ips-in-15-tbps-azure-ddos-attack/
Added 2 months ago
Azure hit by 15 Tbps DDoS attack using 500k IP addresses
https://techcommunity.microsoft.com/blog/azureinfrastructureblog/defending-the-cloud-azure-neutralized-a-record-breaking-15-tbps-ddos-attack/4470422
Added 2 months ago
sudo-rs Affected By Multiple Security Vulnerabilities - Impacting Ubuntu 25.10 - Phoronix
https://www.phoronix.com/news/sudo-rs-security-ubuntu-25.10
Added 2 months ago
FFmpeg to Google: Fund us or stop sending bugs
https://thenewstack.io/ffmpeg-to-google-fund-us-or-stop-sending-bugs/
Added 2 months ago
Google gets the US government's green light to acquire Wiz for $32B | TechCrunch
https://techcrunch.com/2025/11/05/google-gets-the-us-governments-green-light-to-acquire-wiz-for-32b/
Added 2 months ago
Inside the breach that broke the internet: The untold story of Log4Shell - The GitHub Blog
https://github.blog/open-source/inside-the-breach-that-broke-the-internet-the-untold-story-of-log4shell/
Added 2 months ago
Louvre Heist Fallout Reveals Museum’s Video Security Password Was 'Louvre'
https://www.vice.com/en/article/louvre-heist-fallout-reveals-museums-video-security-password-was-louvre/
Added 2 months ago
MCP-Scanner – Scan MCP Servers for vulnerabilities
https://github.com/cisco-ai-defense/mcp-scanner
Added 3 months ago
Secure AI/ML-Driven Software Development (LFEL1012): Learn to Build Safer Software with AI
https://openssf.org/blog/2025/10/16/a-new-course-on-secure-ai-ml-driven-software-development/
Added 3 months ago
OpenSSH Vulnerability Exploited Via ProxyCommand to Execute Remote Code
https://cybersecuritynews.com/openssh-vulnerability-proxycommand/
Added 3 months ago
Introducing CodeMender: an AI agent for code security - Google DeepMind
https://deepmind.google/discover/blog/introducing-codemender-an-ai-agent-for-code-security/
Added 3 months ago
Red Hat data breach escalates as ShinyHunters joins extortion
https://www.bleepingcomputer.com/news/security/red-hat-data-breach-escalates-as-shinyhunters-joins-extortion/
Added 3 months ago
Almost 1 billion Salesforce records stolen, hacker group claims
https://www.reuters.com/sustainability/boards-policy-regulation/almost-1-billion-salesforce-records-stolen-hacker-group-claims-2025-10-03/
Added 3 months ago
Discord customer service data breach leaks user info and scanned photo IDs | The Verge
https://www.theverge.com/news/792032/discord-customer-service-data-breach-hack
Added 3 months ago