Developers

A newly disclosed Linux privilege escalation flaw dubbed "Dirty Frag" is raising concerns among security researchers who warn it could give attackers reliable root access across a wide range of enterprise environments.

A recently patched GitHub RCE flaw is raising broader questions about implicit trust in software supply chains. CodeHunter CEO Ken Ammon explains why trusted users and platforms no longer guarantee safe code.

ClusterAPI simplified Kubernetes provisioning, but operations remain complex. Teams still must correlate fragmented signals across systems, driving demand for AI-driven visibility and faster issue resolution.

More than 500 developers are urging Oracle to consider a vendor-neutral foundation for MySQL, warning that limited community input could slow innovation and fragment the ecosystem.

As AI-assisted coding accelerates software development, security teams are facing a growing challenge managing expanding open-source dependencies and the vulnerabilities they introduce across enterprise environments.

Percona is refocusing on fast, structured database services to help enterprises overcome talent shortages, improve performance, and prepare open-source data platforms for AI readiness.

Red Hat has become a foundational player in enterprise AI by combining open-source infrastructure with hybrid cloud flexibility, maintaining independence while leveraging IBM’s global scale.

Ransomware gangs are exploiting AdaptixC2, an open-source command-and-control framework originally built for red team testing, to support stealthy post-exploitation operations.

A coalition of open-source stewards warns that the software industry’s reliance on goodwill to maintain critical infrastructure is unsustainable, despite open source fueling trillions in global economic value.

TuxCare Radar is an in-memory CVE scanner that reduces false positives, speeds compliance, and delivers real-time Linux vulnerability detection.

Open-source systems are adopting live patching and isolation technologies to support always-on security and meet enterprise compliance demands in the cloud.

Slashing Kubernetes costs sounds smart — until it backfires. Here’s how to reduce spend safely while improving platform stability and speed.

The OpenSSF’s new baseline sets minimum security expectations for open-source projects — but not all developers agree it’s practical, scalable, or sufficient.

Open-source software may be in the crosshairs of military and government agencies as the U.S. Department of Defense evaluates the risks of both free and proprietary software.