7 matches found
Malicious code in @zalastax/nolb-cii (npm)
The package @zalastax/nolb-cii was found to contain malicious code...
MAL-2025-10911 Malicious code in @zalastax/nolb-cii (npm)
The package @zalastax/nolb-cii was found to contain malicious code...
Security Scorecards - Security Health Metrics For Open Source
Security Health Metrics For Open Source Motivation A short motivational video clip to inspire us: https://youtu.be/rDMMYT3vkTk "You passed! All D's ... and an A!" Goals 1. Automate analysis and trust decisions on the security posture of open source projects. 2. Use this data to proactively improv...
SUSE SLED12 / SLES12 Security Update : libseccomp (SUSE-SU-2019:2941-1)
This update for libseccomp fixes the following issues : Update to new upstream release 2.4.1 : Fix a BPF generation bug where the optimizer mistakenly identified duplicate BPF code blocks. Updated to 2.4.0 bsc1128828 CVE-2019-9893: Update the syscall table for Linux v5.0-rc5 Added support for the...
NCIIPC: It's Time to Step Forward And Protect Our Critical Infrastructures from Cyber Attacks
The IT threat landscape has changed dramatically over the last three-four years. With no shortage of threat actors, from hacktivists to nation-states, criminals to terrorists, all of them are now after something new. It's no more just about stealing your money, credit cards and defacing websites,...
Linux Foundation Badge Program Boost Open Source Security
The Linux Foundation says a new Core Infrastructure Initiative CII Best Practices Badge program launched Tuesday will help companies interested in adopting open source technologies evaluate projects based on security, quality and stability. The CII Best Practices Badge does not issue certificates...
Core Infrastructure Initiative Open Source Security Badge Program
The Core Infrastructure Initiative CII, a consortium of technology companies guided by The Linux Foundation, has thrown good money at solving the security woes of open source software. Since its inception last year, it has provided funding for the OpenSSL project allowing it to hire full-time hel...