Kubestronaut in Orbit: Nelson Hilario Filipe
Get to know Nelson This week’s Kubestronaut in orbit is Nelson Hilario Filipe, a DevSecOps Engineer and our first Kubestronaut in Mozambique. Nelson has a strong passion for shift-left security, and embarked on the Kubestronaut program… ⌘ Read more
Notary Project announces Notation v1.3.0 and tspclient-go v1.0.0!
The Notary Project maintainers are thrilled to announce the latest releases, including notation v1.3.0, notation-go v1.3.0, notation-core-go v1.2.0 and tspclient-go v1.0.0! These new versions are production ready and have successfully completed a comprehensive security audit. Check… ⌘ Read more
MacOS Sequoia 15.3.1 Update with Bug Fixes Released
Apple has released MacOS Sequoia 15.3.1 update for Mac users running the Sequoia operating system. The new software update includes bug fixes and security enhancements, making it recommended for all users. Separately, Apple has released iOS 18.3.1 for iPhone, ipadOS 18.3.1 for iPad, watchOS 11.3.1 for Apple Watch, and updates to other Apple devices as … [Read More](https://osxdaily.com/2025/02/10/macos-sequoia-15-3-1-update-with-b … ⌘ Read more
MacOS Sequoia 15.3.1 Update with Bug Fixes Released
Apple has released MacOS Sequoia 15.3.1 update for Mac users running the Sequoia operating system. The new software update includes bug fixes and security enhancements, making it recommended for all users. Separately, Apple has released iOS 18.3.1 for iPhone, ipadOS 18.3.1 for iPad, watchOS 11.3.1 for Apple Watch, and updates to other Apple devices as … [Read More](https://osxdaily.com/2025/02/10/macos-sequoia-15-3-1-update-with-b … ⌘ Read more
MacOS Sonoma 14.7.4 & MacOS Ventura 13.7.4 with Security Updates Released
macOS Sonoma 14.7.4 and MacOS Ventura 13.7.4 are available as small software updates for Mac users running the Sonoma and Ventura operating systems. The updates focus on security enhancements, making them recommended for all Mac users running those operating systems, and they appear to include same security updates available in the just released MacOS Sequoia … [Read More](https://osx … ⌘ Read more
MacOS Sequoia 15.3.1 Update with Bug Fixes Released
Apple has released MacOS Sequoia 15.3.1 update for Mac users running the Sequoia operating system. The new software update includes bug fixes and security enhancements, making it recommended for all users. Separately, Apple has released iOS 18.3.1 for iPhone, ipadOS 18.3.1 for iPad, watchOS 11.3.1 for Apple Watch, and updates to other Apple devices as … [Read More](https://osxdaily.com/2025/02/10/macos-sequoia-15-3-1-update-with-b … ⌘ Read more
iOS 18.3.1 Update Released with Bug Fixes & Security Patches
iOS 18.3.1 for iPhone and iPadOS 18.3.1 for iPad are now available for all eligible users and devices. The new iOS/iPadOS software updates are relatively small and focus on security enhancements and bug fixes, making the update recommended to all users. Additionally, MacOS Sequoia 15.3.1 is available as as software update for Mac, along with … [Read More](https://osxdaily.com/2025/02/10/ios-18-3-1-update-relea … ⌘ Read more
Monero Observer Artistic Saturday Top 5 - Week 6, 2025
Previous Artistic Saturday weekly reports can be found in the [art] 1 section.
From finding to fixing: GitHub Advanced Security integrates Endor Labs SCA
The partnership between GitHub and Endor Labs enables application security engineers and developers to drastically reduce time spent on open source vulnerabilities, and gives them the tools to go from finding to fixing.
The post [From finding to fixing: GitHub Advanced Security integrates Endor Labs SCA](https://github.blog/security/from-finding-to-fixing-github-advanced-security-integrates … ⌘ Read more
On my way to FOSDEM 2025
I’m leaving by train for FOSDEM 2025 in Brussels, Belgium tomorrow
morning, arriving tomorrow evening, Goddess willing.
During FOSDEM I’ll probably mostly be in the Security devroom.
My presentation about the Tillitis TKey is on Saturday at 14:30.
I’m bringing some TKeys, both enduser and unlocked, and a couple of
TKey flash programmers if you want to … ⌘ Read more
Cybersecurity researchers: Digital detectives in a connected world
Discover the exciting world of cybersecurity research: what researchers do, essential skills, and actionable steps to begin your journey toward protecting the digital world.
The post Cybersecurity researchers: Digital detectives in a connected world appeared first … ⌘ Read more
@Prologic@twtxt.net Threema states the findings of that security research are all plugged. Still reading on it. Truth is that my family is difficult to get away from WhatsApp. And yes, I plan to buy them a license key.
EdgeBox Blue is a Compact Industrial VPN Router and IoT Edge Gateway
The EdgeBox-Blue is an industrial VPN router and edge gateway designed for applications requiring secure networking and data management in industrial environments. It runs on an OpenWRT-based platform and supports real-time data acquisition, automation, and cloud integration. The MT7981BA processor supports Wi-Fi 6 (IEEE 802.11ax) with a combined 1.8 Gbps throughput across the 2.4GHz and […] ⌘ Read more
MacOS Sonoma 14.7.3 & MacOS Ventura 13.7.3 with Security Updates Available
Apple has issued macOS Sonoma 14.7.3 along with macOS Ventura 13.7.3 for Mac users who are continuing to run those operating systems. These are security focused updates that are concurrent with the freshly released MacOS Sequoia 15.3 update for those running Sequoia, and are not expected to include any features or notable changes. Safari 18.3 … [Read More](https://osxdaily.com/2025/ … ⌘ Read more
MacOS Sequoia 15.3 Update Brings Genmoji & Bug Fixes
MacOS Sequoia 15.3 update is now available to all Mac users running Sequoia. The latest software update for Mac includes Genmoji support, which allows users with Apple Intelligence supported hardware to generate custom Emoji icons in Messages, along with changes to improve AI summaries, bug fixes, security enhancements, and some other minor changes. For Mac … [Read More](https://osxdaily.com/2025/01/27/macos-sequoia-15-3-upda … ⌘ Read more
iOS 18.3 Update Released with Bug Fixes & AI Summary Improvements
iOS 18.3 for iPhone and iPadOS 18.3 for iPad have been released for all eligible devices. The new software updates focus on bug fixes, security enhancements, and bring some changes to AI features like Visual Intelligence and Apple Intelligence Summaries, the latter of which were generating inaccurate summaries and headlines which bothered some people. Since … [Read More](https://osxdaily.com/2025/01/ … ⌘ Read more
10 U.S. Military Plans That Were Top Secret Until Recently
Throughout history, governments and military organizations have devised secret plans to secure their nation’s interests or gain an advantage over adversaries. Many of these plans remained classified for decades, only coming to light through declassified documents or whistleblowers. These revelations often provide a fascinating glimpse into strategies, fears, and ambitions that shaped global events, offering […]
The … ⌘ Read more
(#3hg26iq) @doesnm@doesnm It stores it in the devices secure store, whatever that is on the device. It’s different for Android and iOS.
@doesnm @doesnm.p.psf.lt It stores it in the devices secure store, whatever that is on the device. It’s different for Android and iOS. ⌘ Read more
Attacks on Maven proxy repositories
Learn how specially crafted artifacts can be used to attack Maven repository managers. This post describes PoC exploits that can lead to pre-auth remote code execution and poisoning of the local artifacts in Sonatype Nexus and JFrog Artifactory.
The post Attacks on Maven proxy repositories appeared first on The GitHub Blog. ⌘ Read more
Toradex Adds SMARC iMX8M Plus and iMX95 to Its Embedded Portfolio
Toradex has introduced a new System on Module family to support projects requiring the SMARC standard. Featuring connectivity, advanced multimedia, and machine learning capabilities, the modules are compatible with Torizon Embedded Linux, offering long-term support and secure remote management. The SMARC iMX8M Plus incorporates four Arm Cortex-A53 cores at 1.6 GHz for general processing and […] ⌘ Read more
Seven years of open source: A more secure and diverse ecosystem
Explore insights into open source community growth, innovation, and inclusivity with an updated survey dataset.
The post Seven years of open source: A more secure and diverse ecosystem appeared first on The GitHub Blog. ⌘ Read more
Notary Project completes its second audit!
Community post cross-posted on the OSTIF blog by Helen Woeste, Communications Manager, the Open Source Technology Improvement Fund OSTIF is proud to share the results of our second security audit of Notary Project. Notary Project is… ⌘ Read more
Introduction to GrapheneOS
GrapheneOS (written GOS from now on) is an Android based operating system that focuses security. It is only compatible with Google Pixel devices for multiple reasons: availability of hardware security components, long term support (series 8 and 9 are supported at least 7 years after release) and the hardware has a good quality / price ratio. The goal of GOS is to provide users a lot more control about what their smartphone is doing. A main profile is used by default (the owner … ⌘ Read more
ofrnxmr completes third milestone for BasicSwapDEX CCS
ofrnxmr1 has completed2 the third milestone (M3-F/M3-B) for their CCS proposal3 to empower and steward BasicSwapDex4 to production quality software:
Request for M3-F and M3-B (M3-O comes end of month 4) [..] This next sprint (month) will add some of the more exciting functionality, further improve the UX and add some security features (such as client auth for the api port and amm integra … ⌘ Read more
Go 語言主流安全庫使用指南
Secure Middleware - Secure—————————–secure 是一個 HTTP 中間件,提供了多種安全相關的特性。1.1 基礎使用secure 中間件提供了多個重要的安全選項,每個選項都針對特定的安全威脅:package mainimport ( ”net/http” ”github.com/unrolled/secure ⌘ Read more
Announcing the results of the Karmada security audit
Community post cross-posted on the OSTIF blog OSTIF is proud to share the results of our security audit of Karmada. Karmada is an open source Kubernetes orchestration system for running cloud-native applications seamlessly across different clouds… ⌘ Read more
Protecting the Software Supply Chain: The Art of Continuous Improvement
Discover how Docker’s tools enhance software supply chain security, empowering teams to innovate securely at every stage of development. ⌘ Read more
Monero Research Lab meeting scheduled for 22 January 2025 1700 UTC
The next Monero Research Lab1 meeting is scheduled to take place on Wednesday, January 22nd 2025 at 17:00 UTC on IRC-Libera/Matrix2 in the #monero-research-lab channels.
Git security vulnerabilities announced
A new set of Git releases were published to address a variety of security vulnerabilities. All users are encouraged to upgrade. Take a look at GitHub’s view of the latest round of releases.
The post Git security vulnerabilities announced appeared first on The GitHub Blog. ⌘ Read more
Securing public AWS Application Load Balancer (ALB) with OpenID Connect (OIDC)
Member post originally published on the Devtron blog by Badal Kumar and Siddhant Khisty TL;DR: Learn how to secure your AWS Application Load Balancer (ALB) with OpenID Connect (OIDC) to enhance authentication, prevent unauthorized access and ensure… ⌘ Read more
CEL-ebrating simplicity: mastering Kubernetes policy enforcement with CEL
Community post by Kevin Conner, Chief Engineer, Getup Cloud and co-author of Kubernetes in Action 2nd Edition As Kubernetes deployments grow in scale and complexity, policy enforcement becomes a critical aspect of maintaining secure and reliable… ⌘ Read more
Fuzzing the CNCF landscape in 2024
By Chris Aniszczyk (CNCF), Adam Korczynski (Ada Logics), David Korczynski (Ada Logics) CNCF maintains a high level of security for its projects by way of a series of initiatives such as security auditing, supply-chain assessments and… ⌘ Read more
‘No harm to citizens’: Forrest facilitates historic US-China talks on AI, nuclear security
Mining billionaire Andrew Forrest has helped bring about the first public discussions between the US and China on artificial intelligence and its impact on military and nuclear security. ⌘ Read more
How to secure your GitHub Actions workflows with CodeQL
In the last few months, we secured 75+ GitHub Actions workflows in open source projects, disclosing 90+ different vulnerabilities. Out of this research we produced new support for workflows in CodeQL, empowering you to secure yours.
The post How to secure your GitHub Actions workflows with CodeQL a … ⌘ Read more
Unlocking Efficiency with Docker for AI and Cloud-Native Development
Learn how Docker helps you deliver secure, efficient applications by providing consistent environments and building on best practices that let you discover and resolve issues earlier in the software development life cycle (SDLC). ⌘ Read more
Monero Research Lab meeting scheduled for 15 January 2025 1700 UTC
The next Monero Research Lab1 meeting is scheduled to take place on Wednesday, January 15th 2025 at 17:00 UTC on IRC-Libera/Matrix2 in the #monero-research-lab channels.
- Updates. What is everyone working on?
- Discussion: Post-quantum security and ethical considerations over elliptic curve cryptography3
- AOB
This meeting’s chairperson should be Rucknium4. The … ⌘ Read more
**(
)
EdgeGuard is a self-hosted solution that combines secure tunneling, proxying, and a …**
EdgeGuard is a self-hosted solution that combines secure tunneling, proxying, and automation to create your own private cloud. Utilizing Wireguard for VPN, Caddy for reverse proxying, and Coraza for web application firewall, EdgeGuard allows you to securely expose your home network services (such as Gitea, Poste.io, etc.) to the … ⌘ Read more
↳
In-reply-to
»
hmmm i really should set up crowdsec and maybe a WAF like coraza or something. i don't look at my logs as much as i should because they scare me and ignorance is bliss but i should probably cut out as much false traffic as possible especially to my biggest site (superlove)
⤋ Read More
@kat@yarn.girlonthemoon.xyz i’m reading this and i already have a gts server that i could secure with this but i’m thinking it’d be best for most of my public sites https://ovelny.sh/blog/a-complete-guide-for-your-gotosocial-server/
iOS 18.2.1 Released for iPhone & iPad with Bug Fixes
Apple has released iOS 18.2.1 for iPhone users, and iPadOS 18.2.1 for iPad users. The new software updates are said to include important bug fixes, and are therefore recommended for all users to install. No published security updates are included in the release, and it’s not entirely sure what the specific bug fixes are either. … Read More ⌘ Read more
Unlocking cloud native security with Cilium and eBPF
Ambassador post originally published on Dev.to by Syed Asad Raza Introduction 🌐🔒🚀 As cloud-native applications scale, securing workloads while maintaining performance becomes critical. This is where Cilium, an open-source networking, observability, and security tool, shines. Backed… ⌘ Read more
Why Secure Development Environments Are Essential for Modern Software Teams
Secure development environments are the backbone of modern software teams, ensuring speed and innovation don’t come at the cost of vulnerabilities, inefficiencies, or eroded trust. ⌘ Read more
Monero Research Lab meeting scheduled for 8 January 2025 1700 UTC
The next Monero Research Lab1 meeting is scheduled to take place on Wednesday, January 8th 2025 at 17:00 UTC on IRC-Libera/Matrix2 in the #monero-research-lab channels.
- Updates. What is everyone working on?
- Discussion: Post-quantum security and ethical considerations over elliptic curve cryptography3
This meeting’s chairperson should be Rucknium4. The full dis … ⌘ Read more
Monero Observer Blitz #37 - December 2024
Here’s a recap of what happened this December in the Monero community:
Monero Research Lab meeting scheduled for 1 January 2025 1700 UTC
The next Monero Research Lab1 meeting is scheduled to take place on Wednesday, January 1st 2025 at 17:00 UTC on IRC-Libera/Matrix2 in the #monero-research-lab channels.
- Updates. What is everyone working on?
- Discussion: preventing P2P proxy nodes3
- Discussion: Post-quantum security and ethical considerations over elliptic curve cryptography4
This meeting’s cha … ⌘ Read more
I don’t know. Maybe it’s dumb secure for ddos and botnets? But it can be used not only with IRC
Announcing CodeQL Community Packs
We are excited to introduce the new CodeQL Community Packs, a comprehensive set of queries and models designed to enhance your code analysis capabilities. These packs are tailored to augment…
The post Announcing CodeQL Community Packs appeared first on The GitHub Blog. ⌘ Read more
Recipe for Efficient Development: Simplify Collaboration and Security with Docker
Docker empowers development teams to streamline collaboration, embed security, and accelerate delivery by simplifying workflows and providing tools like Docker Hub, Testcontainers Cloud, and Docker Scout for building high-quality, secure applications faster. ⌘ Read more
Enhance build security and reach SLSA Level 3 with GitHub Artifact Attestations
Learn how GitHub Artifact Attestations can enhance your build security and help your organization achieve SLSA Level 3. This post breaks down the basics of SLSA, explains the importance of artifact attestations, and provides a step-by-step guide to securing your build process.
The post [Enhance build security and reach SLSA Level 3 with GitHub Artifact Attest … ⌘ Read more
Building Trust into Your Software with Verified Components
Learn how Docker Hub and Docker Scout can help development teams ensure a more secure and compliant software supply chain. ⌘ Read more
Haveno adds support for buying XMR without security deposit
woodser1 has released Haveno2 version 1.0.153 with support for buying Monero (initial purchases XMR) without security deposits4, which greatly simplifies the onboarding process for new traders:
Support buying XMR without deposit using passphrase
Increase limits: crypto to 528, very low risk to 132, pay by mail to 48
Support USDC
Show available Moner ... ⌘ [Read more](https://monero.observer/haveno-v1.0.15-released-support-buying-monero-without-security-deposit/)