Tag: open-source
-
Free Open-Source Software for Modern Identity and Access Management
Explore free and open-source software options for modern Identity and Access Management (IAM). Enhance security and streamline user access with these powerful tools. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/free-open-source-software-for-modern-identity-and-access-management/
-
Threat Actors Exploit Discord Webhooks for C2 via npm, PyPI, and Ruby Packages
Threat actors are increasingly abusing Discord webhooks as covert command-and-control (C2) channels inside open-source packages, enabling stealthy exfiltration of secrets, host telemetry, and developer environment data without standing up bespoke infrastructure. Socket’s Threat Research Team has documented active abuse across npm, PyPI, and RubyGems, where hard-coded Discord webhook URLs act as write-only sinks to siphon…
-
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware.The threat actor’s use of the security utility was documented by Sophos last month. It’s assessed that the…
-
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware.The threat actor’s use of the security utility was documented by Sophos last month. It’s assessed that the…
-
Intel’s open source future in question as exec says he’s done carrying the competition
Tags: open-sourceKevork Kechichian says x86 giant’s contributions should benefit Intel first First seen on theregister.com Jump to article: www.theregister.com/2025/10/09/intel_open_source_commitment/
-
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA) feature as a way to distribute its payloads.According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It’s assessed that the malware is being propagated through First…
-
Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers
Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js’ Single Executable Application (SEA) feature as a way to distribute its payloads.According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It’s assessed that the malware is being propagated through First…
-
Open-source DFIR Velociraptor was abused in expanding ransomware efforts
Attribution and the ransomware cocktail: Talos links the campaign to Storm-2603, a suspected China-based threat actor, citing matching TTPs like the use of ‘cmd.exe’, disabling Defender protections, creating scheduled tasks, and manipulating Group Policy Objects. The use of multiple ransomware strains in a single operation Warlock, LockBit, and Babuk also bolstered confidence in this attribution.”Talos…
-
Open-source DFIR Velociraptor was abused in expanding ransomware efforts
Attribution and the ransomware cocktail: Talos links the campaign to Storm-2603, a suspected China-based threat actor, citing matching TTPs like the use of ‘cmd.exe’, disabling Defender protections, creating scheduled tasks, and manipulating Group Policy Objects. The use of multiple ransomware strains in a single operation Warlock, LockBit, and Babuk also bolstered confidence in this attribution.”Talos…
-
U.S. CISA adds Grafana flaw to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, monitoring, open-source, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Grafana flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Grafana flaw, tracked as CVE-2021-43798 (CVSS score 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. Grafana is an open-source platform for monitoring and observability. This flaw is a directory traversal vulnerability affecting versions…
-
Nagios: Open-source monitoring solution
Nagios is an open-source monitoring solution, now included as part of the robust Nagios Core Services Platform (CSP). It delivers end-to-end visibility across the entire IT … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/10/nagios-open-source-monitoring-solution/
-
Legit tools, illicit uses: Velociraptor, Nezha turned against victims
Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/09/velociraptor-nezha-attackers-misuse/
-
Threat Actors Exploit DFIR Tool Velociraptor in Ransomware Attacks
Tags: access, attack, cisco, cyber, exploit, incident response, open-source, ransomware, software, threat, toolCisco Talos has confirmed that ransomware operators are now leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool, to gain stealthy, persistent access and deploy multiple ransomware variants against enterprise environments. This marks the first definitive linkage between Velociraptor and ransomware operations, underscoring a shift in how threat actors incorporate legitimate security software…
-
Velociraptor leveraged in ransomware attacks
Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents. We assess with moderate confidence that this activity can be attributed to threat actor Storm-2603, based on overlapping tools First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/
-
Velociraptor leveraged in ransomware attacks
Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents. We assess with moderate confidence that this activity can be attributed to threat actor Storm-2603, based on overlapping tools First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/
-
IT Aktuelle Ransomware-Bedrohung ‘Yurei” ist ein Open-Source-Projekt
First seen on security-insider.de Jump to article: www.security-insider.de/aktuelle-ransomware-bedrohung-yurei-ist-ein-open-source-projekt-a-eaebffe977f73819da9c0911db446738/
-
Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave
Threat actors with suspected ties to China have turned a legitimate open-source monitoring tool called Nezha into an attack weapon, using it to deliver a known malware called Gh0st RAT to targets.The activity, observed by cybersecurity company Huntress in August 2025, is characterized by the use of an unusual technique called log poisoning (aka log…
-
China-Nexus Actors Weaponize ‘Nezha’ Open Source Tool
A threat actor is putting a spin on classic remote monitoring and management (RMM) attacks, using a Chinese open source tool instead. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-nexus-actors-nezha-open-source-tool
-
China-Nexus Actors Weaponize ‘Nezha’ Open Source Tool
A threat actor is putting a spin on classic remote monitoring and management (RMM) attacks, using a Chinese open source tool instead. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-nexus-actors-nezha-open-source-tool
-
China-Nexus Actors Weaponize ‘Nezha’ Open Source Tool
A threat actor is putting a spin on classic remote monitoring and management (RMM) attacks, using a Chinese open source tool instead. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/china-nexus-actors-nezha-open-source-tool
-
Open-source monitor turns into an off-the-shelf attack beacon
Tags: api, apt, attack, china, control, hacker, malware, monitoring, open-source, powershell, ransomware, rat, RedTeam, russia, software, threat, tool, windowsRiding Nezha to Ghost RAT: With the web shell in place, the attackers used AntSword to download two components: “live.exe” (the Nezha agent) and a “config.yml” that pointed to the attacker-controlled domain. The Nezha agent connected back to a management server whose dashboard was running in Russian, presumably to throw off attribution.Once Nezha was active,…
-
Autonomous AI hacking and the future of cybersecurity
Tags: ai, cyber, cyberattack, cybersecurity, defense, framework, hacking, offense, open-source, programming, reverse-engineering, risk, risk-management, saas, software, tool, update, vulnerabilityThe AI-assisted evolution of cyberdefense: AI technologies can benefit defenders as well. We don’t know how the different technologies of cyber-offense and cyber-defense will be amenable to AI enhancement, but we can extrapolate a possible series of overlapping developments.Phrase One: The Transformation of the Vulnerability Researcher. AI-based hacking benefits defenders as well as attackers. In…
-
Autonomous AI hacking and the future of cybersecurity
Tags: ai, cyber, cyberattack, cybersecurity, defense, framework, hacking, offense, open-source, programming, reverse-engineering, risk, risk-management, saas, software, tool, update, vulnerabilityThe AI-assisted evolution of cyberdefense: AI technologies can benefit defenders as well. We don’t know how the different technologies of cyber-offense and cyber-defense will be amenable to AI enhancement, but we can extrapolate a possible series of overlapping developments.Phrase One: The Transformation of the Vulnerability Researcher. AI-based hacking benefits defenders as well as attackers. In…
-
DefectDojo: Open-source DevSecOps platform
DefectDojo is an open-source tool for DevSecOps, application security posture management (ASPM), and vulnerability management. It helps teams manage security testing, track … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/08/defectdojo-open-source-devsecops-platform/
-
DefectDojo: Open-source DevSecOps platform
DefectDojo is an open-source tool for DevSecOps, application security posture management (ASPM), and vulnerability management. It helps teams manage security testing, track … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/08/defectdojo-open-source-devsecops-platform/
-
FreePBX SQL Injection Vulnerability Leads to Database Tampering
A critical SQL injection vulnerability in FreePBX, designated as CVE-2025-57819, has been actively exploited by attackers to modify the database and achieve arbitrary code execution on vulnerable systems. The vulnerability affects the popular open-source PBX platform that provides a web-based administration interface for managing Asterisk VoIP systems across all supported versions including FreePBX 15, 16, and…
-
Google DeepMind launches an AI agent to fix code vulnerabilities automatically
Reactive and proactive security: The tool takes both reactive and proactive approaches to code security, Google DeepMind said. Reactively, it instantly patches new vulnerabilities. Proactively, it rewrites and secures existing code to eliminate entire classes of vulnerabilities.In one proactive example, Google DeepMind deployed CodeMender to apply -fbounds-safety annotations to parts of libwebp, a widely used…
-
The role of Artificial Intelligence in today’s cybersecurity landscape
AI is transforming cybersecurity”, from detecting phishing and insider threats to accelerating response. See how Waziuh, the open-source XDR and SIEM, integrates AI to turn raw security data into actionable insights and smarter threat hunting. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-role-of-artificial-intelligence-in-todays-cybersecurity-landscape/
-
Integrate Gemini CLI into Your Kali Terminal to Speed Up Pentesting Tasks
With the release of Kali Linux 2025.3, penetration testers and security professionals gain access to an innovative AI-powered assistant, the Gemini Command-Line Interface (CLI). This open-source package brings Google’s Gemini AI directly into the terminal, offering natural languagedriven automation for common pentesting workflows. The integration of Gemini CLI marks a significant leap forward in the…
-
Vibe Coding Is the New Open Source”, in the Worst Way Possible
As developers increasingly lean on AI-generated code to build out their software”, as they have with open source in the past”, they risk introducing critical security failures along the way. First seen on wired.com Jump to article: www.wired.com/story/vibe-coding-is-the-new-open-source/