open-source Archives • Page 3 of 8 • Daily CyberSecurity

The Performance Propeller: Google Proposes Upstreaming Its High-Octane Optimizer to LLVM Google Propeller LLVM integration, Profile-Guided Optimization (PGO) Linux Kernel AI, AI Code Guidelines CVE-2024-0193 PoC exploit

The Performance Propeller: Google Proposes Upstreaming Its High-Octane Optimizer to LLVM

Do Son December 29, 2025

Google engineers have proposed integrating the Propeller tool into LLVM’s main codebase. Propeller is a profile-guided optimizer...

Open-Source Standoff: GitHub Freezes Rockchip’s Code After Two-Year FFmpeg License Battle Rockchip FFmpeg DMCA takedown, GitHub MPP repository disabled

Rockchip FFmpeg DMCA takedown, GitHub MPP repository disabled

Open-Source Standoff: GitHub Freezes Rockchip’s Code After Two-Year FFmpeg License Battle

Do Son December 28, 2025

Rockchip Electronics, a company focused on chip design, has found itself at the center of controversy after...

Linux Kernel 6.19 Slashes Latency & Boosts Legacy AMD GPUs by 30% Linux Kernel 6.19 AMDGPU update, GCN 1.0 1.1 performance boost Linux Sanctions Risk Linux i486

Linux Kernel 6.19 AMDGPU update, GCN 1.0 1.1 performance boost Linux Sanctions Risk Linux i486

Linux Kernel 6.19 Slashes Latency & Boosts Legacy AMD GPUs by 30%

Do Son December 24, 2025

In 2011, AMD introduced its Graphics Core Next 1.0 architecture, codenamed Southern Islands, debuting with the now-iconic...

The PowerShell Pivot: MAS Roadmap Reveals End of Batch Scripting Era MAS PowerShell migration, Windows activation roadmap

The PowerShell Pivot: MAS Roadmap Reveals End of Batch Scripting Era

Do Son December 24, 2025

The development team behind the well-known activation tool MAS recently published a blog post outlining its future...

AI’s Exposed Side Door: Dify Flaw (CVE-2025-63387) Leaks System Configs to Anonymous Users Dify API Key Exposure, LLM Security Dify Information Disclosure, LLM Security

Dify API Key Exposure, LLM Security Dify Information Disclosure, LLM Security

AI’s Exposed Side Door: Dify Flaw (CVE-2025-63387) Leaks System Configs to Anonymous Users

Do Son December 22, 2025

As the race to build the next generation of AI applications accelerates, a significant security gap has...

ImageMagick Flaw Risks Arbitrary Memory Disclosure via PSX TIM File Integer Overflow on 32-bit Systems ImageMagick Vulnerability CVE-2026-23876 ImageMagick TIM Overflow, Memory Disclosure Flaw ImageMagick vulnerabilities, memory corruption CVE-2023-34152

ImageMagick Flaw Risks Arbitrary Memory Disclosure via PSX TIM File Integer Overflow on 32-bit Systems

Do Son December 15, 2025

A high-severity vulnerability has been uncovered in ImageMagick, the ubiquitous open-source image processing suite used by millions...

OpenAI, Anthropic, Google Unite: Launch Agentic AI Foundation Under Linux Agentic AI Foundation, MCP Protocol Open-Source Chrome DevTools AI, MCP Protocol Model Context Protocol (MCP) Gemini AI Windows AI future, AI interoperability

Agentic AI Foundation, MCP Protocol Open-Source Chrome DevTools AI, MCP Protocol Model Context Protocol (MCP) Gemini AI Windows AI future, AI interoperability

OpenAI, Anthropic, Google Unite: Launch Agentic AI Foundation Under Linux

Do Son December 10, 2025

Several leading technology and artificial intelligence companies recently announced the joint establishment of the Agentic AI Foundation...

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork lz4-java Out-of-bounds Read, Library EOL

lz4-java Out-of-bounds Read, Library EOL

Discontinued Library: High-Severity lz4-java Flaw (CVE‐2025‐12183) Forces Immediate Migration to Community Fork

Do Son December 3, 2025

A high-severity vulnerability, tracked as CVE‐2025‐12183, has been disclosed in the popular lz4-java compression library, exposing applications...

Thunderbird 145: Native Microsoft Exchange Support Makes Outlook Migration Easy! Thunderbird for iOS Thunderbird Exchange Native EWS Support

Thunderbird 145: Native Microsoft Exchange Support Makes Outlook Migration Easy!

Do Son November 20, 2025

The Mozilla Foundation’s open-source email client Thunderbird has released version 145.0, introducing full, native support for Microsoft...

OpenAI Releases GPT-OSS-SafeGuard Models for Customizable AI Safety GPT-OSS-SafeGuard, AI safety ChatGPT Memory Management, Paid Feature ChatGPT Teens ChatGPT, mental health

GPT-OSS-SafeGuard, AI safety ChatGPT Memory Management, Paid Feature ChatGPT Teens ChatGPT, mental health

OpenAI Releases GPT-OSS-SafeGuard Models for Customizable AI Safety

Do Son October 30, 2025

Earlier in 2025, OpenAI released its own open-source artificial intelligence models, namely GPT-OSS-20B and GPT-OSS-120B, both of...

Values Over Cash: Python Foundation Rejects $1.5M US Grant Over Anti-DEI Clause Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Python Security Memory Safety PLY Vulnerability CVE-2025-56005 Python Software Foundation, NSF DEI CVE-2024-12254

Values Over Cash: Python Foundation Rejects $1.5M US Grant Over Anti-DEI Clause

Do Son October 28, 2025

In January 2025, the Python Software Foundation (PSF) submitted a proposal to the U.S. National Science Foundation...

7-Zip Flaw (CVE-2025-11001) with Public Exploit Code Threatens Unpatched Systems 7-Zip heap buffer overflow CVE-2025-0411 7-Zip path traversal

7-Zip Flaw (CVE-2025-11001) with Public Exploit Code Threatens Unpatched Systems

Do Son October 21, 2025

Researchers recently disclosed a path-traversal vulnerability (CVE-2025-11001) in the open-source archiver 7-Zip that allows attackers to craft...

LineageOS 23.0 Released on Android 16: New Camera App, Catapult TV Launcher, and Virtualization Support LineageOS 22.1 LineageOS 23.0, Android 16

LineageOS 23.0 Released on Android 16: New Camera App, Catapult TV Launcher, and Virtualization Support

Do Son October 13, 2025

The successor to the CM system, LineageOS, has recently released version 23.0, developed on Android 16. This...

CVE-2025-59934: Critical Flaw in Formbricks Allows Unauthorized Password Resets via Forged JWT Tokens Formbricks Auth Bypass, CVE-2025-59934

CVE-2025-59934: Critical Flaw in Formbricks Allows Unauthorized Password Resets via Forged JWT Tokens

Do Son September 27, 2025

The Formbricks project, an open-source platform for building in-app and website surveys, has released an urgent patch...

CVE-2025-54831: Apache Airflow Bug Exposes Sensitive Connection Passwords to Read-Only Users Airflow Credential Leak, UI Redaction Failure CVE-2024-39877 & CVE-2024-45784 Airflow Connection Leak, CVE-2025-54831

Airflow Credential Leak, UI Redaction Failure CVE-2024-39877 & CVE-2024-45784 Airflow Connection Leak, CVE-2025-54831

CVE-2025-54831: Apache Airflow Bug Exposes Sensitive Connection Passwords to Read-Only Users

Do Son September 26, 2025

The Apache Software Foundation has released a fix for Apache Airflow, a popular open-source platform for authoring,...

NVIDIA Open-Sources Audio2Face: Generative AI for Lifelike Character Animation is Now Free NVIDIA Audio2Face, AI Facial Animation

NVIDIA Open-Sources Audio2Face: Generative AI for Lifelike Character Animation is Now Free

Do Son September 25, 2025

NVIDIA has announced the open-sourcing of its Audio2Face model and accompanying SDK, enabling game and 3D application...

New Phishing Campaign Targets PyPI Maintainers with Fake Domain Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

Layoff Phishing Scam Remcos RAT Malware Aruba Phishing, Phishing-as-a-Service PyPI, phishing CVE-2024-25608 PyPI Phishing, Credential Theft

New Phishing Campaign Targets PyPI Maintainers with Fake Domain

Do Son September 25, 2025

The Python Package Index (PyPI) is once again the target of a phishing campaign aimed at maintainers,...

OpenSSF Warns: Open Source Software Is Not a Free Service OpenSSF, open source

OpenSSF Warns: Open Source Software Is Not a Free Service

Do Son September 24, 2025

The Open Source Security Foundation (OpenSSF), together with several prominent open-source and software foundations, has issued a...

Meta Open-Sources New AI Model for On-Device Reasoning Meta CEO Agent Mark Zuckerberg MobileLLM-R1, on-device AI Meta Midjourney Meta Pika Labs, AI Video Generation EU AI Regulation, Meta AI Stance Meta AI, PlayAI Acquisition Proactive Chatbots Meta AI, Photo Privacy

Meta CEO Agent Mark Zuckerberg MobileLLM-R1, on-device AI Meta Midjourney Meta Pika Labs, AI Video Generation EU AI Regulation, Meta AI Stance Meta AI, PlayAI Acquisition Proactive Chatbots Meta AI, Photo Privacy

Meta Open-Sources New AI Model for On-Device Reasoning

Do Son September 22, 2025

As generative AI continues to evolve toward lighter and more localized deployments, Meta has announced the open-sourcing...

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Quest KACE Vulnerability CVE-2025-32975 FortiGate SSO Bypass, Active Exploitation GoAnywhere RCE, Storm-1175 Cisco VPN RCE, ASA Zero-Day TinyColor Supply Chain Attack SK Telecom, data breach Erlang/OTP RCE, OT Network Security Ivanti CSA Attacks WordPress RCE, Theme Vulnerability

Malicious Update to Popular NPM Package TinyColor Exposes Software Supply Chains

Do Son September 16, 2025

The Socket Research Team has uncovered a large-scale supply chain attack on the npm ecosystem, with more...

Critical Alert 1 Active Exploit Detected Today