Security Trends 
fedora security assessment
fedora security assessment A Fedora contributor account recently came under scrutiny for apparently AI-generated activity that disrupted the project's bug tracker. . Questionable Bugzilla comments, flawed patches, and improperly closed or reassigned bugs forced maintainers to spend time cleaning up the fallout. There is no evidence that malware was deployed or a backdoor reached production, but the incident exposed a different problem. Open-source projects can be disrupted without compromising a single line of code....
Jun 12, 2026 
Security Vulnerabilities security advisory critical
security advisory critical Attackers are actively exploiting a high-severity vulnerability in Langflow , an open-source platform used to build and run AI workflows. . The flaw turns a file upload into a filesystem write, allowing a user-controlled file to escape the application's intended upload directory and land in locations Langflow was never supposed to touch. The vulnerable upload endpoint permits path traversal through crafted filenames. From there, the impact depends heavily on how the platform is deployed. A...
Jun 11, 2026 
Vendors/Productssecurity advisory linux
security advisory linux With npm v12 , dependency preinstall, install, and postinstall scripts will no longer execute automatically during package installation. Script execution will require explicit approval through new controls such as npm approve-scripts, with the change expected to arrive in July 2026. . The announcement targets a part of the software supply chain that has repeatedly appeared in package registry abuse, credential theft, and CI/CD compromise investigations. A single npm install could trigger code...
Jun 11, 2026 
Security Vulnerabilities security advisory zero-day
security advisory zero-day CISA added CVE-2026-11645 to its Known Exploited Vulnerabilities catalog after Google confirmed active exploitation of the flaw. The bug sits in V8, the JavaScript engine behind Chrome and Chromium. . That's where this gets more interesting. Most coverage will focus on Chrome because that's where the patch landed. But the affected component is V8. Chromium relies on it. Electron relies on it. Plenty of desktop software Linux users interact with every day relies on it too, often without much...
Jun 10, 2026 
Network Securitysecurity advisory networking
security advisory networking For years, IPv4 was the only proxy type that really mattered for anyone running automation off a Linux box. IPv6 was the protocol everyone said they’d migrate to, but almost nobody actually did. In 2026, that’s finally starting to shift. . The problem is that most admins stick with IPv4 out of habit. They know it; it’s what their tooling defaults to, and they don’t see a reason to change. Some are overpaying for addresses they don’t need. Others would quietly break their scrapers, scripts, or...
Jun 09, 2026 
Refine news
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -3 articles for you...
74
spam filteringemail complianceemail regulationsCan-Spam Act Sees High Spam Volume Despite Regulatory Efforts
A federal law intended to curb the scourge of junk e-mail appears to have had little effect so far in discouraging spammers from deluging inboxes. In the two weeks since the Can-Spam Act, a U.S. law barring unscrupulous bulk e-mailing practices, took effect this year, providers of spam-filtering software say they're blocking more messages than ever. Spammers, they say, are either ignoring the law or pretending to comply with guidelines for legitimate e-mail marketing. . . .. A federal law intended to curb the scourge of junk e-mail appears to have had little effect so far in discouraging spammers from deluging inboxes. In the two weeks since the Can-Spam Act, a U.S. law barring unscrupulous bulk e-mailing practices, took effect this year, providers of spam-filtering software say they're blocking more messages than ever. Spammers, they say, are either ignoring the law or pretending to comply with guidelines for legitimate e-mail marketing. "We certainly haven't seen any drop in the volume of spam," said Karl Jacob, chief executive of Cloudmark, a developer of tools for blocking junk e-mail. "It's still the same lock-step day-over-day, minute-over-minute increase." If anything, Jacob said, spammers are getting smarter. In an attempt to outfox filters, they've created programs that rapidly morph the content of messages, so that only three or four identical e-mails are sent out at a time. With the advent of Can-Spam, Jacob said spammers are also increasingly guilty of "faux compliance," exploiting a caveat in the law that permits unsolicited e-mails from legitimate marketers who allow recipients to opt out of future mailings. Unscrupulous junk mailers are pretending to go along with the guidelines by including false return addresses for opting out. Cloudmark, which provides spam blocking primarily to businesses and government agencies, estimates that 45 percent to 50 percent of messages it handled this month were spam, about on par with December. At Brightmail, which filters spam from close to 300 million e-mailinboxes for Internet service providers and businesses, the portion of junk messages was somewhat higher. The company estimated that 61 percent of all e-mails it filtered in the first week of January qualified as spam. In December, prior to Can-Spam's enactment, about 58 percent of the 80 billion messages were deemed spam. The link for this article located at Wired.com is no longer available. . The U.S. Can-Spam legislation has had minimal impact on reducing spam prevalence in email accounts even after its enforcement began.. Email Compliance, Spam Filtering, Email Regulations. . Anthony Pell
Jan 20, 2004 •
Network Security 74
security advisoryemail exploitationnetwork threatCorporate Networks Under Threat From Warspammers Using Wireless Attacks
'Warspammers' are taking advantage of unprotected wireless LANs to send out millions of junk emails. The proliferation of insecure corporate wireless networks is fuelling the growth of drive-by spamming, a security expert warned on Thursday. . .. 'Warspammers' are taking advantage of unprotected wireless LANs to send out millions of junk emails. The proliferation of insecure corporate wireless networks is fuelling the growth of drive-by spamming, a security expert warned on Thursday . Speaking at the First International Security Users Conference in London, Adrian Wright, managing director of Secoda Risk Management, warned that junk emailers are taking advantage of unprotected wireless local area networks to bombard email users with unsolicited and unwelcome messages. "These people simply drive up to a building armed with their pornographic email, log into the insecure wireless network, send the message to 10 million email addresses and then just drive away," said Wright. The link for this article located at ZDNet UK is no longer available. . 'Spam Raiders' are taking advantage of unsecured Wi-Fi networks to distribute countless unsolicited messages, representing a major risk.. Wireless Attacks, Email Exploitation, Network Security, Junk Email. . Anthony Pell
Sep 05, 2002 • Network Security 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More