open-source Archives • Page 7 of 8 • Daily CyberSecurity

Google Unleashes Gemma 3n: Breakthrough On-Device Multimodal AI for Smartphones & Laptops Google Gemma 3n, On-Device AI

Google Unleashes Gemma 3n: Breakthrough On-Device Multimodal AI for Smartphones & Laptops

Do Son June 30, 2025

Google has recently unveiled Gemma 3n, a groundbreaking open-source, on-device multimodal AI model designed to deliver the...

Good News! Let’s Encrypt Begins Testing IP-Only Certificates — No Domain Needed Merkle Tree Certificates Let's Encrypt 45-Day Certificates ACME Profile Updates 2026 Let’s Encrypt Generation Y, 45-Day TLS Certificates Let's Encrypt, IP Certificates Certificate Revocation Lists

Good News! Let’s Encrypt Begins Testing IP-Only Certificates — No Domain Needed

Do Son June 27, 2025

The free digital certificate authority Let’s Encrypt previously announced plans to offer certificates based solely on IP...

Google Cloud Unveils Gemini CLI: Free AI Assistant Brings Gemini 2.5 Pro to Your Terminal Google Gemini CLI, AI Command Line

Google Cloud Unveils Gemini CLI: Free AI Assistant Brings Gemini 2.5 Pro to Your Terminal

Do Son June 27, 2025

Google Cloud has officially unveiled the developer preview of Gemini CLI (Command Line Interface), a cutting-edge terminal-based...

Mozilla Add-ons Store Overhaul: Closed-Group Extensions Allowed, Privacy Policies Simplified Anthony Enzor-DeMeo Mozilla CEO, Firefox AI Mode 2026 Ad blockers, Copyright Law Firefox China, Mozilla Restructuring Mozilla Add-ons, Policy Update Mozilla leadership - Mozilla collect data Google Antitrust Antitrust Trial

Mozilla Add-ons Store Overhaul: Closed-Group Extensions Allowed, Privacy Policies Simplified

Do Son June 25, 2025

The Mozilla Foundation, the developer behind the Firefox browser, has recently revised its policies governing the Mozilla...

Behind the Commit: CVSS 10.0 Bug Lets Attackers Hijack Gogs Servers Gogs RCE, XSS Vulnerability

Behind the Commit: CVSS 10.0 Bug Lets Attackers Hijack Gogs Servers

Do Son June 24, 2025

The open-source Git service Gogs, known for its simplicity and ease of deployment, disclosures two severe security...

Google Donates A2A Protocol to Linux Foundation: Paving the Way for Open AI Agent Interoperability Google A2A Protocol, Linux Foundation

Google Donates A2A Protocol to Linux Foundation: Paving the Way for Open AI Agent Interoperability

Do Son June 24, 2025

In April, Google introduced the A2A (Agent2Agent) protocol for AI agents, and it has since garnered support...

No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform InnoShop vulnerabilities

No Patch, Full Exploit: CVSS 9.9 RCE & IDOR Flaws in InnoShop eCommerce Platform

Do Son June 24, 2025

Security researcher TheHiker disclosured three serious vulnerabilities in InnoShop, an open-source eCommerce system built on Laravel 12....

Critical Meshtastic Flaw: Key Duplication Allows Message Decryption & Node Hijacking Meshtastic, Cryptographic Flaw

Critical Meshtastic Flaw: Key Duplication Allows Message Decryption & Node Hijacking

Do Son June 23, 2025

The developers behind Meshtastic, the popular open-source LoRa mesh networking project, have issued a critical security advisory...

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Critical Mattermost Flaw (CVE-2025-4981, CVSS 9.9) Allows RCE Via Path Traversal

Do Son June 21, 2025

Open-source collaboration platform Mattermost is exposed to a severe vulnerability that threatens the integrity of its deployments...

Critical Pterodactyl RCE (CVSS 10.0): Unauthenticated Attackers Exploiting Flaw Now! Pterodactyl RCE, Game Server Vulnerability

Critical Pterodactyl RCE (CVSS 10.0): Unauthenticated Attackers Exploiting Flaw Now!

Do Son June 20, 2025

A critical security vulnerability has been uncovered in Pterodactyl, the popular open-source game server management panel. Tracked...

Water Curse: GitHub Supply Chain Attack Spreads Malware via Fake Tools, Targets Devs & Gamers

Do Son June 17, 2025

In a sweeping campaign that blends social engineering with software subversion, a newly identified threat actor dubbed...

Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet CVE-2025-3248 PoC script execution

Langflow Under Attacks: CVE-2025-3248 Exploited to Deliver Stealthy Flodrix Botnet

Do Son June 16, 2025

Trend Micro has uncovered an active and sophisticated campaign exploiting a critical remote code execution (RCE) vulnerability...

LibreOffice 25.8 Beta 2 Drops Support for Windows 7/8/8.1 and All 32-bit Systems LibreOffice, Microsoft Office Formats CVE-2023-6185 and CVE-2023-6186 LibreOffice Update, OS Support

LibreOffice, Microsoft Office Formats CVE-2023-6185 and CVE-2023-6186 LibreOffice Update, OS Support

LibreOffice 25.8 Beta 2 Drops Support for Windows 7/8/8.1 and All 32-bit Systems

Do Son June 16, 2025

The renowned open-source and free office suite, LibreOffice, has recently released version 25.8 Beta 2. According to...

Critical Command Injection Flaw in KDE Konsole Exposes Users to Arbitrary Code Execution Konsole Vulnerability, Linux Security

Critical Command Injection Flaw in KDE Konsole Exposes Users to Arbitrary Code Execution

Do Son June 11, 2025

A newly disclosed critical vulnerability in Konsole, KDE’s popular terminal emulator, has raised serious concerns for Linux...

Microsoft’s “Edit” Text Editor Coming to Windows 11 Command Line Windows 11 Editor, Command Line Editor MS-DOS editor, Command-line editor

Microsoft’s “Edit” Text Editor Coming to Windows 11 Command Line

Do Son June 4, 2025

Microsoft recently introduced and open-sourced a command-line text editor named Edit, which is available for download via...

ModSecurity Alert: New DoS Vulnerability Discovered! ModSecurity, DoS Vulnerability

ModSecurity Alert: New DoS Vulnerability Discovered!

Do Son June 2, 2025

The ModSecurity project has issued a security advisory disclosing a new vulnerability—CVE-2025-48866—in its widely used open-source web...

Red Hat Unveils llm-d: Scaling Generative AI for the Enterprise LLM Inference, Red Hat

Red Hat Unveils llm-d: Scaling Generative AI for the Enterprise

Do Son June 2, 2025

Red Hat has recently unveiled an open-source initiative named llm-d, designed to address the most critical demand...

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching PyPI Supply Chain, Solana Theft

PyPI Supply Chain Attack Steals Solana Private Keys via Covert Monkey-Patching

Do Son June 2, 2025

Socket’s Threat Research Team has uncovered a sophisticated supply chain attack on the Python Package Index (PyPI)...

Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination Path Traversal, LLM Vulnerabilities

Path Traversal at Scale: Study Uncovers 1,756 Vulnerable GitHub Projects and LLM Contamination

Do Son June 2, 2025

A study titled “Eradicating the Unseen” reveals the widespread presence of a critical path traversal vulnerability (CWE-22)...

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection Apache Superset, Data Security

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

Do Son May 31, 2025

A serious security vulnerability has been discovered in Apache Superset, a widely used open-source data exploration and...

Critical Alert 1 Active Exploit Detected Today