
The PHP attack that proved no ecosystem is safe
For years, every major supply chain incident in npm reopened the same joke among developers: maybe it was time to go back to PHP. The problem is that modern software

Osiris has landed on GitHub with an ambitious promise: to bring together open data from aviation, satellites, public cameras, earthquakes, wildfires, news, cyber threats, sanctions, cryptocurrency, and conflict zones in

A new local privilege escalation vulnerability in Linux, dubbed CIFSwitch, has raised alerts among system administrators and security teams. The flaw affects the interaction between the kernel’s CIFS/SMB client and

Fragnesia, tracked as CVE-2026-46300, has once again put the spotlight on a particularly sensitive area of the Linux kernel: networking paths related to XFRM, ESP and IPsec. For system administrators,

AI-assisted programming has accelerated prototypes, internal tools and products that used to take weeks to reach a first usable version. The problem is that this speed is also pushing code

DirtyFrag has arrived at the worst possible time for Linux administrators: just days after Copy Fail, and with a public proof of concept circulating before all distributions could complete their

Anthropic has published one of the most revealing engineering write-ups in the current AI agent wave. It is not a model launch or a flashy benchmark post, but a detailed

One of the web’s longest-standing privacy leaks has just been addressed at the standards level. The IETF has published RFC 9849, which formally defines TLS Encrypted Client Hello (ECH) as

For years, Proxmox Backup Server (PBS) has earned a reputation as one of the most practical parts of the Proxmox stack: fast incremental backups, global deduplication, integrity checks, encryption options,

Over the past few years, automation has taken over many corners of systems work: deployments, observability, patching, scaling, incident response. Offensive security, however, has largely remained a field where a