🦜 OSTIF.org
Securing Open Source for the World
Scala Audit Complete!
https://ostif.org/scala-audit-complete/
Published: June 1, 2026 14:30
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Scala. Scala is a modern multi-paradigm programming language designed to express common programming patterns in a concise, elegant, and type-safe way. It…
Disclosing the BADHOST Vulnerability in Starlette
https://ostif.org/disclosing-the-badhost-vulnerability-in-starlette/
Published: May 26, 2026 08:30
OSTIF is disclosing the expanded details of the BadHost vulnerability in Starlette as slow uptake of updated versions of Starlette and discovery of more vulnerable live services has caused us serious concerns. I’d like to open by saying that the…
Hack to the Future: The Impact and Legacy of the DARPA AIxCC Challenge
https://ostif.org/hack-to-the-future/
Published: May 12, 2026 14:00
AIxCC Competition Background & Results: In 2023, DARPA announced a two-year long competition called the Artificial Intelligence Cyber Challenge (AIxCC) with the goal to safeguard open source software used in critical infrastructure throughout America. The…
Paramiko Audit Complete!
https://ostif.org/paramiko-audit-complete/
Published: May 5, 2026 14:01
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Paramiko. Paramiko is an open source Python implementation of the SSHv2 protocol designed for secure remote login and other secure network services. Thanks…
LibVLC Audit Complete!
https://ostif.org/libvlc-audit-complete/
Published: April 30, 2026 14:01
The Open Source Technology Improvement Fund is proud to share the results of our security audit of LibVLC. LibVLC is the open source core engine and foundation of VLC media player. With auditing by Trail of Bits and funding provided by the Sovereign Tech…
Inspektor Gadget Audit Complete!
https://ostif.org/inspektor-gadget-audit-complete/
Published: April 30, 2026 13:59
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Inspektor Gadget. Inspektor Gadget is a collection of open source libraries and tools for data collection and inspection of Kubernetes clusters and Linux…
Requests, CacheControl, and urllib3 Audits Complete!
https://ostif.org/requests-cachecontrol-urllib3-audits-complete/
Published: April 28, 2026 14:06
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Requests, CacheControl, and urllib3. Requests is a widely used, elegant HTTP library for Python, designed to make HTTP requests simple and human-friendly,…
DEfO Audit Complete!
https://ostif.org/defo-audit-complete/
Published: April 8, 2026 13:44
The Open Source Technology Improvement Fund is proud to share the results of our security engagement on Developing ECH for OpenSSL (“DEfO”). DEfO is an open source implementation of Encrypted Client Hello (ECH) for OpenSSL, and provides proof-of-concept…
Bug of the Year Award 2025
https://ostif.org/bug-of-the-year-award-2025/
Published: March 17, 2026 14:00
The Open Source Technology Improvement Fund is a nonprofit organization that specializes in security engagements for open source projects. We create bridges between the complex web of entities that are necessary to carry out a…
Stork Audit Complete!
https://ostif.org/stork-audit-complete/
Published: March 3, 2026 15:00
The Open Source Technology Improvement Fund is proud to share the results of our security audit of Stork. Stork is an open source project developed by the Internet Systems Consortium (ISC) that acts as an administrative interface for monitoring,…