Potentially serious security flaws have been found in existing versions of the Mambo and Joomla content management systems, and developers of the two projects are advising users to install upgrades or security patches as soon as possible.
A French-based Englishman, John Graham-Cumming, is about 666,666 clicks away from creating a weapon to kill spam for good.
A free Web browser that bills itself as a tool for privacy protection is, in fact, a click-fraud engine for pornographic Web sites, security vendor Panda Software warned Friday.
A mass e-mail sent out last week by open-source database vendor MySQL erroneously contained the e-mail addresses of about 9,300 customers instead of information on a series of software-support special offers that the company meant to publicize.
KDE made two security announcements today, the KDM Symlink Vulnerability is a potential local exploit on systems using KDM as their login manager. Artswrapper return value checking vulnerability affects Linux 2.6 systems that have artswrapper installed SUID root.
Linux is insecure. Open source is insecure. Windows is insecure. All software is insecure.
Deal with it.
OpenOffice.org responded Friday to claims in the media that the first virus had been discovered for the open source productivity suite. The group said that macro viruses are possible in any program that supports the feature.
A recently discovered security issue in Snort, the open source intrusion prevention and detection technology used in government agencies and many large corporations, could allow attackers to bypass security on compromised machines.
Tony Griffiths has reported a vulnerability in the Linux Kernel, which can be exploited malicious, local users to cause a DoS (Denial of Service).