Topic

#Security

55 articles on Security — news, releases, guides and analysis from the SourceFeed engine.

Inside JumpServer: Open-Source PAM for Modern Infrastructure

A self-hostable alternative to commercial PAM platforms brings browser-based access control, but its multi-component architecture requires careful management.

Emeka Okafor

The SQLite App Server: Why Datasette Apps Changes the Game

By embedding sandboxed HTML/JS apps directly alongside SQLite databases, Datasette becomes a secure, zero-maintenance internal tool platform.

Article · 1w ago1

Defend Your LLM App Against Prompt Injection and Jailbreaks

Build a practical two-layer defense—regex heuristics plus an ML classifier—and an output guardrail that blocks attacks before they reach your model or your users.

Tutorial · 1w ago0

Sliding-Window Rate Limiting for FastAPI with Redis

Protect your Python API from hammering and credential-stuffing with a per-IP and per-token rate limiter backed by Redis — before you ship to production.

Tutorial · 1w ago0

Why JWTs Are a Security Anti-Pattern for Sessions

Relying on stateless JSON Web Tokens for persistent user sessions introduces severe security risks and architectural complexity.

Article · 1w ago0

Why CVE Counts Misrepresent Rust and C/C++ Security

Comparing vulnerability counts ignores how the two language ecosystems define the boundary between library bugs and caller misuse.

Article · 1w ago0

How a Fake LinkedIn Job Offer Delivered a Node Backdoor

Attackers are using stolen identities and malicious npm lifecycle scripts to target developers during the recruitment process.

Article · 2w ago4

Replace Long-Lived AWS Credentials with GitHub Actions OIDC

Configure IAM and GitHub Actions to exchange short-lived, automatically-expiring AWS credentials on every workflow run — no stored access keys, no rotation toil.

Tutorial · 2w ago0

Curl Pauses Vulnerability Report Intake for July 2026

The project's HackerOne form and security inbox go dark for a month, pushing coordinated disclosure plans into August.

News · 2w ago2

Sophisticated AUR Malware Waves Expose Container and Pipeline Risks

A second wave of obfuscated malware targeting Arch Linux's user repository highlights the danger of unpinned, automated builds.

Article · 2w ago3

Harden a Fresh Linux VPS in 30 Minutes: SSH Keys, UFW, and Fail2ban

Lock down a brand-new Ubuntu 22.04 server before you deploy anything: disable password logins, firewall every unused port, and auto-ban brute-force attackers.

Tutorial · 2w ago0

Migrating TrueType Hinting to Swift: How Apple Beat C

Apple's rewrite of its legacy TrueType interpreter shows how modern Swift features like non-copyable types can outperform C.

Article · 2w ago4

Set Up Trusted Local HTTPS with mkcert

Generate a real, browser-trusted TLS certificate for localhost in minutes — no more certificate warnings during local development.

Tutorial · 2w ago0

AUR Supply Chain Attack Delivers eBPF Rootkit and Infostealer

A spoofed maintainer adopted over 400 Arch User Repository packages, injecting preinstall scripts that fetch malicious NPM payloads.

News · 2w ago0

Critical Ivanti Sentry RCE Under Active Exploitation

A maximum-severity unauthenticated command injection vulnerability in Ivanti Sentry is being actively targeted following a public exploit release.

News · 2w ago0

Claude Fable 5 Benchmarks Reveal Middling Security Fix Rates

New evaluation data shows Anthropic's latest model struggles with real-world security patches despite its impressive offensive capabilities.

Article · 2w ago7