This year has seen twice as many software supply chain attacks as 2019-2022 combined and one in eight open source downloads today pose known and avoidable risks.

The latest State of the Software Supply Chain Report from Sonatype, which logged 245,032 malicious packages in 2023, also shows that 96 percent of vulnerabilities are still avoidable.

Continue reading →

Hey folks, we’ve got some cool news from the Linux Mint camp. They’ve just dropped a Cinnamon (Edge) Edition variant of Linux Mint 21.2. Now, this isn’t your regular update; it’s tailor-made for those of us with the shiny, new hardware that doesn’t quite jive with the older 5.15 LTS kernel in the usual Linux Mint 21.x versions. Instead, this “Edge” edition is rocking the newer 6.2 kernel. Oh, and guess what’s making a comeback? Support for Secureboot!

If you’ve been hitting a wall trying to boot or install Linux Mint because your hardware is fresh off the shelf, this “Edge” ISO image could be your ticket out of tech purgatory. Every now and then, Linux Mint throws us a bone with an “edge” ISO image on top of its regular ones for the latest release. This special image is loaded with newer bits to play nice with the latest hardware gadgets and gizmos out there.

Continue reading →

You know, it's often hard to get people to leave their comfort zones. But, sometimes, staying where you're comfortable is the biggest impediment to progress. This is especially true when it comes to operating systems. While Windows 11 has been generating buzz with its new features and revamped UI, let's not forget the other contenders that are pushing boundaries. Linux Lite 6.6 is one such alternative, and dare I say, it's one of the most inviting Linux distributions out there for those looking to make a switch.

The Linux Lite team has really outdone themselves this time around. The 6.6 release is one of their largest since they launched back in 2012. They've added thousands of lines of new code, predominantly to support a vast range of languages. From Afrikaans to Ukrainian, Linux Lite 6.6 now supports a whopping 22 languages, covering areas such as Main Menu, Right Click Menu, Folder Names, and even Desktop Icons. This is an incredible leap toward making Linux Lite a truly global OS.

Continue reading →

What capabilities do IT professionals need for container networking and security? That's what a new study from Tigera has set out to discover.

A survey of more than 1,200 users of the Calico Open Source container security platform finds the capabilities driving their adoption of Calico are, scalable networking (35 percent), security policies (35 percent), interoperability across different environments (33 percent) and encryption capabilities (30 percent).

Continue reading →

The long-awaited Bodhi Linux 7.0 release has finally arrived, and it should make big waves in the open-source community. Built on the solid foundation of Ubuntu 22.04.2 LTS (Jammy Jellyfish), Bodhi 7.0 represents a significant evolution in the realm of Linux distributions. With a strong emphasis on improving user experience, performance, and maintaining its core values of minimalism and customization, this release aims to redefine what Linux can offer to its users.

In a world dominated by proprietary operating systems like Microsoft Windows, Bodhi Linux 7.0 emerges as a breath of fresh air, presenting itself as a compelling alternative. The release boasts an impressive array of enhancements and changes that cater to both newcomers and seasoned Linux enthusiasts.

Continue reading →

I'm almost getting sick of hearing about AI and its ability to change the world for the better, for the worse, for who knows what? But when you get to the heart of what AI is and how it can be applied to unlock value in businesses and everyday life, you have to admit that we're standing on the edge of a revolution. This revolution is likely to change our lives significantly in the short term, and perhaps tremendously so in the medium term.

It wasn't that long ago I felt short-sold by the promise of AI. About eight years ago I saw someone demonstrating a machine's ability to recognize certain flowers. Although impressive, it was a clunky experience, and while I could imagine applications, it didn't excite me. Fast forward a few years, my real moment of surprise came when I found thispersondoesnotexist. My brain couldn't work out why these were not real people, and it stuck with me. My next big moment was podcast.ai and their first AI generated discussion between Joe Rogan and Steve Jobs. But just like everyone else on the planet, the real breakthrough was ChatGPT and the conversation I had with the 'Ghost in the Machine'.

Continue reading →

Cybersecurity benefits from being able to share information about threats in order to speed detection. In pursuit of this the Open Cybersecurity Schema Framework (OCSF) was launched last year by Splunk, Amazon Web Services (AWS), IBM and 15 other cybersecurity firms.

Today OCSF becomes generally available, delivering an open and extensible framework that organizations can integrate into any environment, application or solution to complement existing security standards and processes.

Continue reading →

In a fascinating turn of events at the Flock conference today, it was announced that Fedora Linux is set to be made available on Apple Silicon Mac computers. This development is the result of a close collaboration with the Fedora Asahi Special Interest Group (SIG) and the Asahi Linux project.

The outcome, known as Fedora Asahi Remix, promises to deliver an optimized experience for both Workstation and Server use-cases on Apple Silicon machines. The Asahi Linux project has further revealed that the Fedora Asahi Remix will serve as its new flagship distribution.

Continue reading →

Researchers at Checkmarx have detected several open-source software supply chain attacks that specifically target the banking sector.

These attacks use advanced techniques, including targeting specific components in web assets of the victim bank by attaching malicious functionalities to them. The attackers employed deceptive tactics such as creating fake LinkedIn profiles to appear credible and customized command and control centers for each target, exploiting legitimate services for illicit activities.

Continue reading →

New research shows 52 percent of the top 100 AI open source projects on GitHub reference known vulnerable open source software packages.

The report from Endor Labs explores emerging trends that software organizations need to consider as part of their security strategy, and risks associated with the use of existing open source software (OSS) in application development.

Continue reading →

Privacy-centric firm Proton has announced that its password manager, Proton Pass, is now more than just open source. The company has had the code of its apps, browser extensions and APIs subjected to an independent security audit by German security specialists Cure53.

With passwords providing access to some of the most value and sensitive personal information imaginable, reliable security is essential. The auditors' assessment that Proton has a "commitment to maintaining a high-level of security" and that "the state of security across Proton's applications and platforms is commendable" will serve as helpful recommendations for anyone looking for a safe and secure password manager.

Continue reading →

Ah, it's that time again folks. Nitrux, the up-and-coming Linux distro, is back with its newest update, Nitrux 2.9.0 "nu." While Microsoft might still be stumbling around trying to recover from their latest Windows mishaps, Nitrux is already picking up the pace and setting new standards in the world of operating systems.

Unlike the cluttered and often confusing Windows Update system, the "nu" in Nitrux 2.9.0's codename refers to the new "Nitrux Update System Tool." And it's here to make your life easier. This isn't some random, untested, and buggy update tool Microsoft likes to force on its users. Nitrux's new utility is a focused, minimalist approach to system updates that does what it's supposed to do -- update your system and provide a backup option for rollbacks. No bloatware, no unnecessary complications, just a simple, efficient way to keep your system up to date.

Continue reading →

Canonical has announced the extension of its commercial OpenStack offering to small-scale cloud environments with a new project, Sunbeam.

The project is 100 percent open source and is available free-of-charge, but enterprise customers can also opt-in for comprehensive security coverage and full commercial support under the Ubuntu Pro + Support subscriptions once they’ve completed the deployment.

Continue reading →

Good news, fellow Linux nerds! After many months of development, the Debian project has finally released the latest stable release of its popular Linux-based operating system. Debian 12, codenamed "Bookworm," marks a significant milestone in the ongoing battle against proprietary operating systems, particularly Windows 11. Debian 12 offers a legitimate alternative that truly empowers users.

One of the standout features of Debian 12 is its commitment to long-term support. Thanks to the joint efforts of the Debian Security team and the Debian Long Term Support team, Bookworm will receive support for a generous five-year period. This ensures that users can rely on Debian 12 for their computing needs without the constant pressure to upgrade or migrate to newer versions.

Continue reading →

Windows 11 comes bundled with a lot of stock apps that you probably have no use for. You can manually remove most of these with no issue, but the new open source JunkCtrl tool simplifies the process.

Created by Belim, the developer behind Windows tools like ThisIsWin11 and BloatyNosy, JunkCtrl doesn't require installation, and can clean up your Windows in a couple of clicks.

Continue reading →