Open Source libraries – TheCyberThrone

Apache SuperSet RCE Vulnerability

The open-source data visualization and data exploration platform Apache Superset released security patches to address an insecure default configuration, tracked as CVE-2023-27524 with a CVSS score: 8.9, that could lead to remote…

PravinKarthik April 27, 2023

Log4j – First Year Anniversary ! Lesson Learned -Importance of Software Supply Chain Risk

The first anniversary of Log4j is about to come later in this week, this is a good time to revisit the importance of analyzing supply chain security, as well as…

PravinKarthik December 5, 2022

Software Composition Analysis (SCA)- A dive!

Software development’s today landscape traveled to have a lot and took major changes, with short release cycles, developers need to rely heavily on open source to accelerate innovation. But that…

PravinKarthik May 30, 2022

Project Pyrsia – JFrog Open Source Community

JFrog, a DevOps company has introduced Project Pyrsia, an open-source software community initiative that uses blockchain technology to secure software packages from vulnerabilities and malicious code. Project Pyrsia is an open-source-based, decentralized,…

PravinKarthik May 26, 2022

SOCKET: OSS Prevention Tool

A group of software package maintainers has created a tool for defending applications that depend on open-source JavaScript libraries dubbed Socket, the tool uses a proactive defense against open-source software…

PravinKarthik April 29, 2022

Log4j ! Still Open source Apps are vulnerable

Researchers from Qualys has reported that roughly three months after its discovery late last year, some 30% of Log4j instances remain vulnerable. It has scanned more than 150 million IT…

PravinKarthik March 21, 2022

Deep Search with Kibana

Elastic announces a single management interface for Elastic Enterprise Search in Kibana, updated App Search precision tuning capabilities, and content source flexibility and synonym support for Workplace Search in the 7.14 release…

PravinKarthik August 7, 2021

Pwned goes open ☢️

Have I Been Pwned (HIBP), a website by Troy Hunt, is one of the top destinations to find out if your email ID or password has been part of a…

PravinKarthik May 28, 2021