Microsoft has open sourced CodeQL queries used to scan for Solorigate malware activity that matches the SolarWinds supply-chain attack.
Drupal has patched a Critical third-party library vulnerability (CVE-2020-36193) that affects multiple versions of Drupal Core.
Security experts from Microsoft have observed a cyber threat actor dubbed GADOLINIUM that uses new attack techniques via cloud services and open source tools.
GitHub, one of the world’s leading software development platforms, has launched GitHub Security Lab with aim to secure open source software.
A security researcher released the details of a VirtualBox vulnerability that affects VirtualBox 5.2.20 and earlier versions.
Gentoo provided a new security update that describes the impact and root cause of its recent GitHub Linux distribution repository hacking incident.
A popular Linux distribution, Gentoo, said its source code hosted on GitHub was compromised.
repository hosting services GitHub, GitLab and Microsoft VSTS were all impacted by a serious vulnerability that could lead to arbitrary code execution when a developer uses a malicious repository, Threatpost reports. Each of the hosting services patched the bug on Tuesday.
A new vulnerability dubbed "Total Meltdown" was discovered last month after Microsoft issued patches to fix the previous Meltdown vulnerabilities.