Tag: open-source
-
New Shai-hulud Worm Infecting npm Packages With Millions of Downloads
ReversingLabs discovers >>Shai-hulud,
-
Chaos Mesh Critical Vulnerabilities Expose Kubernetes Clusters to Takeover
Security Research recently uncovered four new flaws, CVE-2025-59358, CVE-2025-59359, CVE-2025-59360, and CVE-2025-59361, in the default configuration of the Chaos Controller Manager GraphQL server, a popular open-source chaos engineering platform for Kubernetes. Three of these flaws carry a maximum CVSS 3.1 score of 9.8, enabling any pod in the cluster to run arbitrary commands or inject…
-
Hackers Exploit AdaptixC2, an Emerging Open-Source C2 Tool
In early May 2025, Unit 42 researchers observed that AdaptixC2 was used to infect several systems. While many C2 frameworks garner public attention, AdaptixC2 has remained largely under the radar”, until Unit 42 documented its deployment by real-world threat actors. This article examines AdaptixC2’s capabilities, recent infection scenarios, and guidance for defenders to anticipate and…
-
5 steps for deploying agentic AI red teaming
Tags: access, ai, application-security, attack, automation, blizzard, business, cloud, control, data, defense, exploit, framework, gartner, governance, infrastructure, malicious, open-source, RedTeam, risk, risk-assessment, service, software, threat, tool, zero-trustFive steps to take towards implementing agentic red teaming: 1. Change your attitude Perhaps the biggest challenge for agentic red teaming is adjusting your perspective in how to defend your enterprise. “The days where database admins had full access to all data are over,” says Suer. “We need to have a fresh attitude towards data…
-
Supply Chain Attack >>Shai-Halud<< Targets 477 NPM Packages
A major supply chain attack dubbed >>Shai-Halud>Shai-Halud
-
Supply Chain Attack >>Shai-Halud<< Targets 477 NPM Packages
A major supply chain attack dubbed >>Shai-Halud>Shai-Halud
-
Rayhunter: EFF releases open-source tool to detect cellular spying
The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/17/rayhunter-eff-open-source-tool-detect-cellular-spying/
-
Warning: Hackers have inserted credential-stealing code into some npm libraries
Tags: api, attack, authentication, ciso, cloud, credentials, github, google, hacker, Hardware, incident response, malware, mfa, monitoring, open-source, phishing, sans, software, supply-chain, threatMore than 40 packages affected: One of the researchers who found and flagged the hack Monday was French developer François Best, and it was also described in blogs from StepSecurity, Socket, ReversingLabs and Ox Security. These blogs contain a full list of compromised packages and indicators of compromise.Researchers at Israel-based Ox Security said there was a…
-
Self-Replicating ‘Shai-hulud’ Worm Targets NPM Packages
The newly emerged worm has spread across hundreds of open source software packages, stealing credentials and infecting other components without much direct attacker input. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/self-replicating-shai-hulud-worm-npm-packages
-
Open Source CyberSOCEval Sets New Benchmark for AI in Malware Analysis and Threat Intelligence
Open Source CyberSOCEval, a newly launched evaluation platform, is making waves in the cybersecurity community by demonstrating how artificial intelligence can transform malware analysis and threat intelligence. Developed by a group of independent security researchers, CyberSOCEval combines advanced machine learning models with real-world malware samples to offer organizations a clear view of how AI tools…
-
DjangoCon US 2025: Security, Simplicity, and Community
Tags: open-sourceAt DjangoCon US 2025, speakers emphasized seasoned tech over hype, featuring secure GitOps workflows, simpler frontend alternatives, and sustainable open-source models. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/djangocon-us-2025-security-simplicity-and-community/
-
New ransomware Yurei adopts open-source tools for double-extortion campaigns
Tags: access, attack, authentication, backup, breach, ciso, cloud, control, data, edr, extortion, flaw, intelligence, Internet, mfa, network, open-source, phishing, powershell, ransomware, resilience, risk, service, switch, threat, tool, windowsBigger risks beyond downtime: The double-extortion ransomware appears to be an early version, as it has loopholes. Ransomware often targets and deletes shadow copies to block victims from using Windows’ built-in recovery options. But Yurei did not delete the shadow copies, which, if enabled, can allow the victim to restore their files to a previous…
-
CVE-2025-58434: Critical FlowiseAI Flaw Enables Full Account Takeover
A severe security vulnerability has been discovered in FlowiseAI, an open-source AI workflow automation tool, exposing users to the risk of complete account compromise. Tracked as CVE-2025-58434, this vulnerability affects both the cloud-hosted version of FlowiseAI and self-hosted deployments that expose the relevant API endpoints. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2025-58434/
-
Arkime: Open-source network analysis and packet capture system
Arkime is an open-source system for large-scale network analysis and packet capture. It works with your existing security tools to store and index network traffic in standard … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/15/arkime-open-source-network-analysis-packet-capture-system/
-
Yurei Ransomware Uses PowerShell to Deploy ChaCha20 File Encryption
A newly discovered ransomware group called Yurei has emerged with sophisticated encryption capabilities, targeting organizations through double-extortion tactics while leveraging open-source code to rapidly scale operations. First observed on September 5, 2025, this Go-based ransomware employs the ChaCha20 encryption algorithm and PowerShell commands to compromise victim systems, marking another evolution in the ransomware-as-a-service ecosystem. Flow…
-
9 unverzichtbare Open-Source-Security-Tools
Tags: attack, authentication, backdoor, blueteam, breach, ciso, cyersecurity, data-breach, encryption, incident response, intelligence, linux, mail, malware, monitoring, open-source, powershell, privacy, risk, software, sql, threat, tool, vulnerability, windowsDiese Open-Source-Tools adressieren spezifische Security-Probleme mit minimalem Footprint.Cybersicherheitsexperten verlassen sich in diversen Bereichen auf Open-Source-Lösungen nicht zuletzt weil diese im Regelfall von einer lebendigen und nutzwertigen Community gestützt werden. Aber auch weil es inzwischen Hunderte qualitativ hochwertiger, quelloffener Optionen gibt, um Breaches und Datenlecks auf allen Ebenen des Unternehmens-Stacks zu verhindern.Falls Sie nun gedanklich bereits…
-
Exploring Open Source and Compliance in Vulnerability Management
Discover how to leverage open-source tools for vulnerability management while meeting compliance requirements. Learn best practices for secure and compliant software development. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/exploring-open-source-and-compliance-in-vulnerability-management/
-
Cybersecurity Snapshot: Security Lags Cloud and AI Adoption, Tenable Report Finds, as CISA Lays Out Vision for CVE Program’s Future
Tags: access, ai, api, attack, automation, best-practice, breach, bug-bounty, business, cisa, cloud, communications, computer, control, cve, cyber, cybersecurity, data, data-breach, defense, encryption, exploit, framework, google, governance, government, identity, infrastructure, intelligence, international, Internet, linkedin, mitre, network, nist, office, open-source, privacy, programming, RedTeam, resilience, risk, risk-management, service, skills, software, strategy, tactics, technology, threat, tool, update, vulnerabilityCheck out Tenable’s report detailing challenges and best practices for cloud and AI security. Plus, CISA rolled out a roadmap for the CVE Program, while NIST updated its guidelines for secure software patches. And get the latest on TLS/SSL security and AI attack disclosures! Here are five things you need to know for the week…
-
New Malvertising Campaign Exploits GitHub Repositories to Distribute Malware
A sophisticated malvertising campaign has been uncovered targeting unsuspecting users through “dangling commits” in a legitimate GitHub repository. Attackers are injecting promotional content for a counterfeit GitHub Desktop installer into popular development and open-source projects. When users download what appears to be the genuine client, the installer quietly delivers malicious payloads in the background, compromising…
-
Threat Actors Leveraging Open-Source AdaptixC2 in Real-world Attacks
In early May 2025, Unit 42 researchers observed multiple instances of AdaptixC2 being deployed to infect enterprise systems. Unlike many high-profile command-and-control (C2) platforms, AdaptixC2 has flown under the radar, with scant public documentation demonstrating its use in live adversary operations. Our research dissects AdaptixC2’s capabilities, deployment techniques, and evasion mechanisms to equip security teams…
-
OT security: Why it pays to look at open source
Tags: access, ai, attack, compliance, control, data, defense, detection, edr, endpoint, Hardware, intelligence, iot, microsoft, ml, monitoring, network, open-source, PCI, service, strategy, threat, tool, vulnerabilityOT security at the highest level thanks to open-source alternatives: Commercial OT security solutions such as those from Nozomi Networks, Darktrace, Forescout or Microsoft Defender for IoT promise a wide range of functions, but are often associated with license costs in the mid to high six-figure range per year. Such a high investment is often…
-
Critical flaw SessionReaper in Commerce and Magento platforms lets attackers hijack customer accounts
Adobe fixed a critical flaw in its Commerce and Magento Open Source platforms that allows an attacker to take over customer accounts. Adobe addressed a critical vulnerability, tracked as CVE-2025-54236 (aka SessionReaper, CVSS score of 9.1) in its Commerce and Magento Open Source platforms. The vulnerability is an improper input validation flaw. >>The bug, dubbed…
-
Adobe Commerce Flaw CVE-2025-54236 Lets Hackers Take Over Customer Accounts
Adobe has warned of a critical security flaw in its Commerce and Magento Open Source platforms that, if successfully exploited, could allow attackers to take control of customer accounts.The vulnerability, tracked as CVE-2025-54236 (aka SessionReaper), carries a CVSS score of 9.1 out of a maximum of 10.0. It has been described as an improper input…
-
The npm incident frightened everyone, but ended up being nothing to fret about
Tags: open-sourceDisaster was averted after widely used open-source packages were compromised via social engineering. First seen on cyberscoop.com Jump to article: cyberscoop.com/open-source-npm-package-attack/
-
Open source security and sustainability remain unsolved problem
While software bills of materials offer some transparency over software components, they don’t solve the imbalance between corporate consumption of open source software and the lack of investment in its security and health First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366630429/Open-source-security-and-sustainability-remain-unsolved-problem
-
Garak: Open-source LLM vulnerability scanner
LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses. It checks … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/10/garak-open-source-llm-vulnerability-scanner/
-
Garak: Open-source LLM vulnerability scanner
LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses. It checks … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/10/garak-open-source-llm-vulnerability-scanner/