Forgot your root password? No problem! With #PackageKit <= 1.3.4 you can do all the fun root action on any Linux system you have local access to, no privileges required!

Don't like that? Then PLEASE UPDATE your system ASAP to PackageKit >= 1.3.5 or any fixed distro package. Fixes for this vulnerability should already be available everywhere since today.

You can read more about CVE-2026-41651 on the security researcher's blog:
https://github.security.telekom.com/2026/04/pack2theroot-linux-local-privilege-escalation.html

#pack2theroot #osssecurity

#AgenticAI is moving fast -- but is it secure? 🤖🔐

📅 Join us for an OpenSSF Tech Talk on the practical realities of securing agentic systems on March 17, 1PM ET!

Hear from experts from Microsoft, Canonical, TestifySec, and Thread AI!

Register: https://openssf.org/resources/tech-talks/tech-talk-securing-agentic-ai-in-practice-from-openssf-guidance-to-real-world-implementation/

#OSSSecurity

Think you need special permission to contribute to OpenSSF? Think again. ❌

#OSSSecurity thrives on diverse perspectives. Whether you’re into AI/ML security, policy, or dev best practices, there’s a seat at the table for you. 🪑

Read: https://openssf.org/blog/2026/03/05/your-voice-belongs-here-how-to-get-involved-in-the-openssf-community/

Package repository security impacts every OSS ecosystem. 🔐

OpenSSF convened npm, PyPI, Maven Central, RubyGems, crates.io & more to tackle shared challenges -- from identity to governance and sustainability.

Read: https://openssf.org/blog/2026/02/19/advancing-package-repository-security-through-collaboration/

#OSSSecurity

Open Source #SecurityCon Europe 2026 is heading to Amsterdam 🇳🇱

This blog highlights speakers & perspectives from across the OpenSSF community, all bringing hands-on experience from production environments.

Read the blog: https://openssf.org/blog/2026/02/03/join-us-at-open-source-securitycon-europe-2026-in-amsterdam/

#OSSSecurity

OpenSSF community will be at #FOSDEM2026 this week, bringing practical perspectives on CRA readiness, vulnerability intelligence, SBOMs, and software supply chain security 🔐

Read the blog and find out where to find us & what not to miss: https://openssf.org/blog/2026/01/28/openssfatfosdem/

#OSSSecurity

🎉 We’re excited to share a new blog introducing OSSAfrica, an OpenSSF community-led initiative focused on strengthening open source security across Africa by bringing people together across roles, experience levels, and geographies.

Read: https://openssf.org/blog/2026/01/22/strengthening-open-source-security-through-community-introducing-ossafrica/

#OSSSecurity

🎉 OpenSSF’s 2026 Themes are here, and so is Honk’s 2026 Vision Board, inspired by our new blog post that outlines the community roadmap for securing the future of open source!

Read the blog & see how themes align with our 2026 priorities: https://openssf.org/blog/2026/01/15/openssfs-2026-themes-a-community-roadmap-for-securing-the-future-of-open-source/

#OSSSecurity

Conference badges can mean more than a name 🎟️

Madalin shares what it has meant to represent the Open Source Security Foundation and The Linux Foundation across Europe 🌍 from #opensource events to policy rooms and standards discussions.

Read the story: https://openssf.org/blog/2026/01/09/collecting-badges-building-bridges-representing-openssf-and-linux-foundation-across-europe/

#OSSSecurity

🎙️ "What's in the SOSS?" Podcast Season Finale is live!

Join co-hosts CRob & Yesenia for a special season finale celebrating OpenSSF’s 5th anniversary, & a look back at a truly transformative year for open source security. 🛡️

🎧 Listen: https://openssf.org/podcast/2025/12/30/whats-in-the-soss-podcast-48-s2e25-2025-year-end-wrap-up-celebrating-5-years-of-open-source-security-impact/

#OSSSecurity