open-source Archives • Page 4 of 8 • Daily CyberSecurity

VaultGemma: Google’s New AI Model Is the First with Differential Privacy VaultGemma, differential privacy

VaultGemma: Google’s New AI Model Is the First with Differential Privacy

Do Son September 15, 2025

Google’s research team has unveiled the groundbreaking VaultGemma model, heralded as the most powerful large language model...

CUPS Flaws Allow Linux Remote DoS (CVE-2025-58364) and Authentication Bypass (CVE-2025-58060) CUPS vulnerability, Linux printing

CUPS Flaws Allow Linux Remote DoS (CVE-2025-58364) and Authentication Bypass (CVE-2025-58060)

Do Son September 15, 2025

OpenPrinting has released patches addressing two significant security flaws in the Common Unix Printing System (CUPS), a...

Firefox Finally Adds MKV Video Support After an 8-Year Wait Sanitizer API Firefox 148 Security Firefox WebRTC Vulnerability CVE-2025-14321 PoC Firefox VPN Feature, Browser-Only VPN Firefox Add-ons Rollback Firefox Encryption Firefox MKV support Firefox ESR, Windows 7

Sanitizer API Firefox 148 Security Firefox WebRTC Vulnerability CVE-2025-14321 PoC Firefox VPN Feature, Browser-Only VPN Firefox Add-ons Rollback Firefox Encryption Firefox MKV support Firefox ESR, Windows 7

Firefox Finally Adds MKV Video Support After an 8-Year Wait

Do Son September 12, 2025

Firefox has long been criticized for its sluggish response to certain feature requests. For instance, users first...

Critical Flaws in Hiawatha Web Server Could Allow Authentication Bypass and RCE Hiawatha vulnerability

Critical Flaws in Hiawatha Web Server Could Allow Authentication Bypass and RCE

Do Son September 10, 2025

The CERT Coordination Center (CERT/CC) has issued a vulnerability note highlighting three serious flaws in the Hiawatha...

CVE-2025-58450: Critical SQL Injection Flaw in pREST Puts PostgreSQL Databases at Risk MySQL Attacks, UDF Exploitation pREST, SQL injection

CVE-2025-58450: Critical SQL Injection Flaw in pREST Puts PostgreSQL Databases at Risk

Do Son September 9, 2025

The pREST project has issued a security advisory for CVE-2025-58450, a systemic SQL injection flaw that threatens...

The End of an Era? Nova Launcher’s Future Is Now in Doubt Nova Launcher, Branch acquisition

The End of an Era? Nova Launcher’s Future Is Now in Doubt

Do Son September 8, 2025

Nova Launcher is perhaps the most renowned and widely used third-party Android launcher. In 2022, it was...

GNU Guix Issues Advisory for a Critical Privilege Escalation Flaw GNU Guix, privilege escalation guix-daemon vulnerability

GNU Guix Issues Advisory for a Critical Privilege Escalation Flaw

Do Son September 4, 2025

The GNU Guix team has issued a critical security advisory warning users to immediately update their systems...

Stealerium: How an Open-Source Infostealer Is Being Used in Phishing Campaigns Stealerium, infostealer

Stealerium: How an Open-Source Infostealer Is Being Used in Phishing Campaigns

Do Son September 4, 2025

Proofpoint threat researchers have uncovered a surge in campaigns distributing Stealerium-based malware, an open-source infostealer first released...

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2 GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

GuLoader Malware CloudEye Obfuscation npm, malware Ethereum, npm supply chain OAST techniques StilachiRAT macOS Malware PasivRobber

Crypto as a Weapon: Malicious npm Packages Use Ethereum Smart Contracts for C2

Do Son September 4, 2025

Researchers from ReversingLabs have discovered two malicious npm packages leveraging Ethereum smart contracts to conceal and deliver...

Ubuntu Is Swapping Out Sudo for a More Secure, Rust-Based Version Ubuntu 26.04 sudo-rs Ubuntu 26.04 LTS, Release Schedule Ubuntu update bug, Rust coreutils Ubuntu, sudo-rs NVIDIA CUDA, Ubuntu

Ubuntu 26.04 sudo-rs Ubuntu 26.04 LTS, Release Schedule Ubuntu update bug, Rust coreutils Ubuntu, sudo-rs NVIDIA CUDA, Ubuntu

Ubuntu Is Swapping Out Sudo for a More Secure, Rust-Based Version

Do Son September 3, 2025

Renowned operating system developer Canonical has announced that the upcoming Ubuntu 25.10 release will replace the long-standing...

JetBrains Makes RubyMine Free for Non-Commercial Use JetBrains, RubyMine

JetBrains Makes RubyMine Free for Non-Commercial Use

Do Son September 3, 2025

Integrated development environment (IDE) provider JetBrains has recently been expanding its roster of free products and services,...

Local-First & Secure: A New Open-Source Password Manager Enters the Scene 2Fas Pass, local-first password manager

Local-First & Secure: A New Open-Source Password Manager Enters the Scene

Do Son September 3, 2025

The password manager market has welcomed a new contender: the developers of the open-source authenticator 2Fas Auth...

Beyond Big Tech: Switzerland’s New Open-Source AI Is Built for the Public Good AI Prompt Injection Aqua Trivy Breach AI Assistant Apertus, open-source AI .ai domain milestone

AI Prompt Injection Aqua Trivy Breach AI Assistant Apertus, open-source AI .ai domain milestone

Beyond Big Tech: Switzerland’s New Open-Source AI Is Built for the Public Good

Do Son September 3, 2025

Amid the rapid global advancement of artificial intelligence, Switzerland has chosen to approach the field from the...

JetBrains Makes Its Language Server Protocol API Free JetBrains, LSP API

JetBrains Makes Its Language Server Protocol API Free

Do Son September 2, 2025

The integrated development environment (IDE) tools vendor JetBrains has announced changes to its LSP API—the Language Server...

CVE-2025-8077 (CVSS 9.8): CRITICAL Flaw in NeuVector Exposes Kubernetes Clusters to Full Takeover NeuVector, Kubernetes vulnerability CVE-2025-8077

NeuVector, Kubernetes vulnerability CVE-2025-8077

CVE-2025-8077 (CVSS 9.8): CRITICAL Flaw in NeuVector Exposes Kubernetes Clusters to Full Takeover

Do Son September 1, 2025

The SUSE Rancher Security Team has issued a critical security advisory for NeuVector, an open-source container security...

CVE-2025-8067: Linux Privilege Escalation Flaw Found in UDisks Daemon, PoC Releases UDisks daemon, Linux vulnerability

CVE-2025-8067: Linux Privilege Escalation Flaw Found in UDisks Daemon, PoC Releases

Do Son September 1, 2025

A security researcher has disclosed a serious flaw in the UDisks daemon, a widely used component for...

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution ImageMagick, remote code execution

PoC Published: A Format String Bug in ImageMagick Could Allow Remote Code Execution

Do Son August 29, 2025

The developers of ImageMagick, one of the most widely used open-source image processing libraries, have disclosed a...

CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available NodeBB, SQL injection

CVE-2025-50979: SQL Injection Flaw in NodeBB Forum Software, PoC Available

Do Son August 29, 2025

The developers of NodeBB, a popular open-source forum platform, have disclosed a critical vulnerability affecting version v4.3.0....

Broadcom & Canonical Join Forces to Supercharge AI and Cloud with Ubuntu Broadcom Canonical

Broadcom & Canonical Join Forces to Supercharge AI and Cloud with Ubuntu

Do Son August 27, 2025

At VMware Explore 2025 in Las Vegas, Broadcom announced an expanded partnership with Canonical, the steward of...

CVE-2025-54370: SSRF Vulnerability Discovered in PhpSpreadsheet Library CVE-2026-45034 exploit PhpSpreadsheet RCE vulnerability PhpSpreadsheet CVE-2025-54370

CVE-2026-45034 exploit PhpSpreadsheet RCE vulnerability PhpSpreadsheet CVE-2025-54370

CVE-2025-54370: SSRF Vulnerability Discovered in PhpSpreadsheet Library

Do Son August 26, 2025

A newly disclosed security flaw, tracked as CVE-2025-54370, has been identified in PhpSpreadsheet, a PHP-based library that...

Critical Alert 1 Active Exploit Detected Today