Security Trends 
fedora security assessment
fedora security assessment A Fedora contributor account recently came under scrutiny for apparently AI-generated activity that disrupted the project's bug tracker. . Questionable Bugzilla comments, flawed patches, and improperly closed or reassigned bugs forced maintainers to spend time cleaning up the fallout. There is no evidence that malware was deployed or a backdoor reached production, but the incident exposed a different problem. Open-source projects can be disrupted without compromising a single line of code....
Jun 12, 2026 
Security Vulnerabilities security advisory critical
security advisory critical Attackers are actively exploiting a high-severity vulnerability in Langflow , an open-source platform used to build and run AI workflows. . The flaw turns a file upload into a filesystem write, allowing a user-controlled file to escape the application's intended upload directory and land in locations Langflow was never supposed to touch. The vulnerable upload endpoint permits path traversal through crafted filenames. From there, the impact depends heavily on how the platform is deployed. A...
Jun 11, 2026 
Vendors/Productssecurity advisory linux
security advisory linux With npm v12 , dependency preinstall, install, and postinstall scripts will no longer execute automatically during package installation. Script execution will require explicit approval through new controls such as npm approve-scripts, with the change expected to arrive in July 2026. . The announcement targets a part of the software supply chain that has repeatedly appeared in package registry abuse, credential theft, and CI/CD compromise investigations. A single npm install could trigger code...
Jun 11, 2026 
Security Vulnerabilities security advisory zero-day
security advisory zero-day CISA added CVE-2026-11645 to its Known Exploited Vulnerabilities catalog after Google confirmed active exploitation of the flaw. The bug sits in V8, the JavaScript engine behind Chrome and Chromium. . That's where this gets more interesting. Most coverage will focus on Chrome because that's where the patch landed. But the affected component is V8. Chromium relies on it. Electron relies on it. Plenty of desktop software Linux users interact with every day relies on it too, often without much...
Jun 10, 2026 
Network Securitysecurity advisory networking
security advisory networking For years, IPv4 was the only proxy type that really mattered for anyone running automation off a Linux box. IPv6 was the protocol everyone said they’d migrate to, but almost nobody actually did. In 2026, that’s finally starting to shift. . The problem is that most admins stick with IPv4 out of habit. They know it; it’s what their tooling defaults to, and they don’t see a reason to change. Some are overpaying for addresses they don’t need. Others would quietly break their scrapers, scripts, or...
Jun 09, 2026 
Refine news
X Clear Filters Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -3 articles for you...
78
security softwarevulnerability scannerNessusNessus 3.0 Licensing Shift: Impact On Open Source Security Community
"Here's the danger we are running into," said Alan Shimel, Chief Strategy Officer for StillSecure. "People contribute resources to these communities, whether it be time, money, or code. When they see everything they give converted for the commercial success of an individual rather than as a community as a whole, how long do you think they are going to want to keep giving?" . Nessus, maker of one of the most popular open-source vulnerability scanner programs available, changed its licensing agreement with the release of version 3.0.0 on December 12, causing a bit of a stir among security industry players that rely on the code as a component of their commercial solutions. The latest version is not available under the GPL, but instead will be sold as a commercial product. The recent licensing changes affect a broad spectrum of users, including corporations, the open-source community, and even businesses using services that use Nessus. So what exactly does this mean for open source? Is it the end of the age of innocence? What options do interested parties have going forward? The link for this article located at Linux Insider is no longer available. . The change in Nexus's licensing has sparked worries regarding the trajectory of community-driven development and the faith users have in the ecosystem.. Open Source Vulnerability Scanners, Nessus Licensing, Community Contributions, Security Software. . LinuxSecurity.com Team
Dec 22, 2005 •
Vendors/Products 78
software updateopen sourceSpamAssassinSpamAssassin 3.0: New Apache License for Enhanced Email Filtering
Programmers on Wednesday released the new version 3.0 of SpamAssassin, open-source software for filtering out unwanted e-mail, but the changes are as much legal as technological. . . .. Project leaders for the widely used software chose to enter the fold of the Apache Software Foundation to take advantage of the nonprofit group's legal and technical resources. To make the move, SpamAssassin had to adopt the Apache License. Previously, the software was available under a choice of two licenses: the General Public License (GPL) that governs Linux and many other open-source programs and the Perl Artistic License. Open-source software advocates tout the fact that their programming philosophy permits large numbers of people to contribute to a project. But making the license change illustrated a difficulty of that broad collaboration: Project leaders had to secure the permission from all programmers who had contributed to SpamAssassin. The link for this article located at Stephen Shankland CNET News.com is no longer available. . The development team behind the popular application decided to integrate with the Linux Foundation to gain additional support.. SpamAssassin, Open-Source License, Apache Foundation, Email Filtering. . LinuxSecurity.com Team
Sep 23, 2004 • Vendors/Products 
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More