Open source security goes behind closed doors in Rust advisory dispute A prominent cryptographer banned from Rust channels after clashing with maintainers over bug disclosure, raising governance questions.

Open source security goes behind closed doors in Rust advisory dispute

#Rust #Cybersecurity #OpenSource #VulnerabilityDisclosure #AusNews

thedailyperspective.org/article/2026-03-20-open-...

Codespaces Flaw Let Copilot Leak Token
Read More: buff.ly/oPq4P1f

#GitHubCodespaces #CopilotSecurity #RoguePilot #TokenLeak #CloudDevSecurity #VulnerabilityDisclosure #OrcaSecurity #DevSecOps

In GitHub's advisory pipeline, some advisories move faster than others - Help Net Security GitHub Security Advisories timeline shows how advisory origin shapes review speed and alert visibility for security teams.

In GitHub’s advisory pipeline, some advisories move faster than others

📖 Read more: www.helpnetsecurity.com/2026/02/16/g...

#cybersecurity #cybersecuritynews #vulnerabilitydisclosure #vulnerabilitymanagement @github.com

Original post on infosec.exchange

Acknowledging Reality in Vulnerability Disclosure.

Every few years, vulnerability disclosure is declared settled. We are told that the ecosystem has matured, that coordinated disclosure is the answer, and that whatever remains outside this model is either irresponsible, obsolete, or simply […]

Critical n8n Flaws Disclosed With Exploits
Read More: buff.ly/dx5ECv2

#n8n #CVE202625049 #RemoteCodeExecution #WorkflowSecurity #CloudRisk #DevSecOps #VulnerabilityDisclosure #CyberThreat

Major vulnerabilities found in Google Looker, putting self-hosted deployments at risk - Help Net Security Tenable Research has uncovered two critical vulnerabilities (CVE-2025-12743) in Google Looker known as “LookOut.”

Major vulnerabilities found in Google Looker, putting self-hosted deployments at risk

📖 Read more: www.helpnetsecurity.com/2026/02/04/g...

#cybersecurity #cybersecuritynews #vulnerability #vulnerabilitydisclosure @tenablesecurity.bsky.social

Two High Severity n8n Flaws Enable RCE
Read More: buff.ly/oySkJqt

#n8n #WorkflowSecurity #AutomationSecurity #RemoteCodeExecution #DevSecOps #OpenSourceRisk #AppSec #VulnerabilityDisclosure

Grist Core Flaw Enables Remote Code Execution
Read More: buff.ly/Vm8WYov

#CVE202624002 #RemoteCodeExecution #GristCore #OpenSourceSecurity #Pyodide #AppSec #VulnerabilityDisclosure #ZeroDay

Luxembourg’s GCVE initiative, backed by CIRCL, has launched a new vulnerability database designed to stay CVE-compatible.

It aggregates data from 25+ sources, aligns naming schemes, and supports machine-searchable analysis across ecosystems.

#CyberSecurity #VulnerabilityDisclosure #CVE #EUCyber

GitLab Warns Of High Severity Auth Flaws
Read More: buff.ly/PRMtKMz

#GitLab #AuthBypass #TwoFactorAuth #DevSecOps #SourceCodeSecurity #VulnerabilityDisclosure #Infosec

Tesla, Sony, and Alpine systems compromised on day one of Pwn2Own Automotive 2026 - Help Net Security Security researchers uncovered 37 previously unknown vulnerabilities on the opening day of Pwn2Own Automotive 2026.

Tesla, Sony, and Alpine systems compromised on day one of Pwn2Own Automotive 2026

🔗 Read more: www.helpnetsecurity.com/2026/01/22/p... -

#hackingcontest #vulnerabilitydisclosure #cybersecuritynews
@compass-security.com @synacktiv.com @interruptlabs.bsky.social

A Linux input service flaw shows how local authorization issues can have broad security impact.

Researchers found InputPlumber vulnerabilities that may allow keystroke injection or service disruption if unpatched.

#LinuxSecurity #CyberRisk #VulnerabilityDisclosure #InfoSec

Singapore’s CSA has warned about a critical SmarterMail vulnerability that could allow unauthenticated remote code execution if left unpatched.

#CyberSecurity #VulnerabilityDisclosure #EmailSecurity #InfoSec #TechNadu

M-Files has disclosed a vulnerability affecting session handling in M-Files Server.

An authenticated user could potentially capture session tokens of other active users under certain conditions.
#CyberSecurity #InfoSec #VulnerabilityDisclosure #TechNadu

TeamViewer has disclosed vulnerabilities in its DEX Client service affecting some Windows versions.

The issues could enable DoS or data exposure on adjacent networks, though no active exploitation is known.

#CyberSecurity #VulnerabilityDisclosure #ITSecurity #TechNadu

Bug Bounties: Securing DeFi Protocols for Investors The Role of Bug Bounties in Securing DeFi Protocols for Investors It seems like every other week, there's a new headline about a nine-figure DeFi hack. A flash loan attack…

Bug Bounties: Securing DeFi Protocols for Investors #DeFisecurity #codevulnerability #cryptoinvestorprotection #onchainsecurity #vulnerabilitydisclosure #financialprotocols #smartcontractaudit #bugbountyprogram #codeexploits #Web3security

Crowdsourced security proves that collaboration is the sharpest weapon.

@Bugcrowd #CyberSecurity #BugBounty #CrowdsourcedSecurity #HackerCommunity #Infosec #VulnerabilityDisclosure #EthicalHacking #SecurityInnovation

Google Project Zero now publicly discloses vulnerabilities within 7 days of vendor notification to speed up patch adoption and enhance transparency. #PotatoSecurity #VulnerabilityDisclosure #ProjectZero Link: thedailytechfeed.com/google-proje...

Google Project Zero now publicly discloses vulnerabilities within 7 days of vendor notification to speed up patch adoption and enhance transparency. #CyberSecurity #VulnerabilityDisclosure #ProjectZero Link: thedailytechfeed.com/google-proje...

Discover how the Microsoft Security Response Center (MSRC) collaborates with researchers to enhance cybersecurity through coordinated vulnerability disclosure and community engagement. #CyberSecurity #MSRC #VulnerabilityDisclosure Link: thedailytechfeed.com/microsoft-se...

Ruckus network management solutions riddled with unpatched vulnerabilities - Help Net Security Serious vulnerabilities in two Ruckus Networks products may allow attackers to compromise the environments managed by the affected software.

Ruckus network management solutions riddled with unpatched vulnerabilities

📖 Read more: www.helpnetsecurity.com/2025/07/10/r...

#cybersecurity #cybersecuritynews #vulnerabilitydisclosure #networking @claroty.bsky.social @ruckusnetworks.bsky.social @cmu.edu

Read More: modzero.com/en/blog/when...

#CyberSecurity #CloudSecurity #DataProtection #VulnerabilityDisclosure #Synology #Microsoft365

Vulnerabilities found in NASA's open source software - Help Net Security Vulnerabilities in open source software developed and used by NASA could be exploited to breach their systems, a security researcher claims.

Vulnerabilities found in NASA’s open source software

📖 Read more: www.helpnetsecurity.com/2025/05/27/n...

#cybersecurity #cybersecuritynews #opensource #vulnerabilitydisclosure

Europa baut mit #ENISA eine eigene Schwachstellendatenbank auf. Ziel: Koordinierte Offenlegung, EU-weiter Zugang und Zusammenarbeit mit bestehenden Systemen wie CVE. Könnte mittelfristig helfen, US-Ausfälle zu kompensieren, ist aber noch im Aufbau. #VulnerabilityDisclosure

When retaliation turns digital. New details emerge about Chinese hackers breaching the US Treasury Department. The Supreme Court considers the TikTok ban. Chinese hackers exploit a zero-day flaw in Ivanti Connect Secure VPN. A new credit...

"The [Microsoft Playready DRM] incident highlights ongoing challenges in balancing researcher incentives, corporate responses, and public accountability."

#vulnerabilitydisclosure #cvd #bugbounty

Cloudflare launches free Security.txt generator to boost website security New tool simplifies vulnerability disclosure process, aligning with industry standards for enhanced web security practices.

Cloudflare launches free Security.txt generator to boost website security: New tool simplifies vulnerability disclosure process, aligning with industry standards for enhanced web security practices. #Cloudflare #WebSecurity #CyberSecurity #VulnerabilityDisclosure #SecurityTXT

Cloudflare launches free Security.txt generator to boost website security New tool simplifies vulnerability disclosure process, aligning with industry standards for enhanced web security practices.

Cloudflare launches free Security.txt generator to boost website security: New tool simplifies vulnerability disclosure process, aligning with industry standards for enhanced web security practices. #Cloudflare #WebSecurity #CyberSecurity #VulnerabilityDisclosure #SecurityTXT

Argent sale légal, assureur payeur et claques perdues Bon matin ☕ Pour bien débuter ce vendredi, voici votre dose "cyber à bas bruit" 😊 Pour rappel, cette petite infolettre gratuite est ma pierre à l'édifice de l'information de qualité. Bonne lecture ! C...

🤑Pour certains, c'est comme si l'argent poussait sur les arbres : la monétisation du harcèlement, c'est un vrai truc. Pendant ce temps, d'autres perdent les plans de sécurité des JO
#VendrediLecture #vulnerabilitydisclosure #FemTech #EvilCorp

Bonne lecture 🙌
www.linkedin.com/pulse/argent...