Tag: open-source

DeepTeam: Open-source LLM red teaming framework

Nov 26, 2025 6:49 AM

Tags: framework, LLM, open-source, RedTeam

Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/26/deepteam-open-source-llm-red-teaming-framework/
Zscaler Threat Hunting Discovers and Reconstructs a Sophisticated Water Gamayun APT Group Attack

Nov 26, 2025 12:49 AM

Tags: access, apt, attack, backdoor, cloud, control, credentials, cve, data, detection, exploit, government, group, infrastructure, intelligence, malicious, malware, network, open-source, password, powershell, risk, russia, social-engineering, supply-chain, tactics, theft, threat, tool, vulnerability, windows, zero-day, zero-trust

This blog is intended to share an in-depth analysis of a recent multi-stage attack attributed to the Water Gamayun advanced persistent threat group (APT). Drawing on telemetry, forensic reconstruction, and known threat intelligence, the Zscaler Threat Hunting team reconstructed how a seemingly innocuous web search led to a sophisticated exploitation of a Windows MMC vulnerability,…
Zscaler Threat Hunting Discovers and Reconstructs a Sophisticated Water Gamayun APT Group Attack

Nov 26, 2025 12:49 AM

Tags: access, apt, attack, backdoor, cloud, control, credentials, cve, data, detection, exploit, government, group, infrastructure, intelligence, malicious, malware, network, open-source, password, powershell, risk, russia, social-engineering, supply-chain, tactics, theft, threat, tool, vulnerability, windows, zero-day, zero-trust

This blog is intended to share an in-depth analysis of a recent multi-stage attack attributed to the Water Gamayun advanced persistent threat group (APT). Drawing on telemetry, forensic reconstruction, and known threat intelligence, the Zscaler Threat Hunting team reconstructed how a seemingly innocuous web search led to a sophisticated exploitation of a Windows MMC vulnerability,…
MySQL 8.0 fällt am 30. April 2026 aus dem Support

Nov 26, 2025 12:49 AM

Tags: open-source, software

Baut sich ein weiteres Software-Problem in der IT-Landschaft auf? Das Open Source-Datenbanksystem MySQL ist sehr populär und breit im Einsatz. Aber MySQL 8.0 fällt am 30. April 2026 aus dem Support. Andererseits sieht es so aus, dass weniger als einem … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/26/mysql-8-0-faellt-am-30-april-2026-aus-dem-support/
Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level

Nov 25, 2025 3:49 PM

Tags: access, apple, attack, crypto, cryptography, data, exploit, government, group, infrastructure, open-source, rust, vulnerability

Trail of Bits has developed constant-time coding support for LLVM 21, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. This work introduces the __builtin_ct_select family of intrinsics and supporting infrastructure that prevents the Clang compiler, and potentially other compilers built with LLVM, from inadvertently breaking carefully crafted constant-time…
Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level

Nov 25, 2025 3:49 PM

Tags: access, apple, attack, crypto, cryptography, data, exploit, government, group, infrastructure, open-source, rust, vulnerability

Trail of Bits has developed constant-time coding support for LLVM 21, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. This work introduces the __builtin_ct_select family of intrinsics and supporting infrastructure that prevents the Clang compiler, and potentially other compilers built with LLVM, from inadvertently breaking carefully crafted constant-time…
Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998

Nov 25, 2025 1:51 PM

Tags: apache, cve, flaw, identity, open-source, password, risk

A critical security flaw has been uncovered in Apache Syncope, the widely used open-source identity management system, potentially putting organizations at risk of exposing sensitive password information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-syncope-cve-2025-65998-flaw/
Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998

Nov 25, 2025 1:51 PM

Tags: apache, cve, flaw, identity, open-source, password, risk

A critical security flaw has been uncovered in Apache Syncope, the widely used open-source identity management system, potentially putting organizations at risk of exposing sensitive password information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-syncope-cve-2025-65998-flaw/
Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998

Nov 25, 2025 1:51 PM

Tags: apache, cve, flaw, identity, open-source, password, risk

A critical security flaw has been uncovered in Apache Syncope, the widely used open-source identity management system, potentially putting organizations at risk of exposing sensitive password information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-syncope-cve-2025-65998-flaw/
Critical Fluent Bit Vulnerabilities Allow Remote Attacks on Cloud Environments

Nov 25, 2025 1:51 PM

Tags: attack, authentication, cloud, container, cyber, open-source, remote-code-execution, risk, vulnerability

Five newly discovered critical vulnerabilities in Fluent Bit, the open-source log processor embedded in billions of containers, are sending shockwaves through the cloud security community. Oligo Security’s research uncovers attack chains that enable adversaries to bypass authentication, perform path traversal, hijack tags, and even achieve remote code execution all of which risk the very foundation…
Critical Fluent Bit Vulnerabilities Allow Remote Attacks on Cloud Environments

Nov 25, 2025 1:51 PM

Tags: attack, authentication, cloud, container, cyber, open-source, remote-code-execution, risk, vulnerability

Five newly discovered critical vulnerabilities in Fluent Bit, the open-source log processor embedded in billions of containers, are sending shockwaves through the cloud security community. Oligo Security’s research uncovers attack chains that enable adversaries to bypass authentication, perform path traversal, hijack tags, and even achieve remote code execution all of which risk the very foundation…
Critical Fluent Bit Vulnerabilities Allow Remote Attacks on Cloud Environments

Nov 25, 2025 1:51 PM

Tags: attack, authentication, cloud, container, cyber, open-source, remote-code-execution, risk, vulnerability

Five newly discovered critical vulnerabilities in Fluent Bit, the open-source log processor embedded in billions of containers, are sending shockwaves through the cloud security community. Oligo Security’s research uncovers attack chains that enable adversaries to bypass authentication, perform path traversal, hijack tags, and even achieve remote code execution all of which risk the very foundation…
Critical Fluent Bit Vulnerabilities Allow Remote Attacks on Cloud Environments

Nov 25, 2025 1:51 PM

Tags: attack, authentication, cloud, container, cyber, open-source, remote-code-execution, risk, vulnerability

Five newly discovered critical vulnerabilities in Fluent Bit, the open-source log processor embedded in billions of containers, are sending shockwaves through the cloud security community. Oligo Security’s research uncovers attack chains that enable adversaries to bypass authentication, perform path traversal, hijack tags, and even achieve remote code execution all of which risk the very foundation…
Fluent Bit vulnerabilities could enable full cloud takeover

Nov 25, 2025 1:51 PM

Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerability

File writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
Fluent Bit vulnerabilities could enable full cloud takeover

Nov 25, 2025 1:51 PM

Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerability

File writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
Fluent Bit vulnerabilities could enable full cloud takeover

Nov 25, 2025 1:51 PM

Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerability

File writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
Fluent Bit vulnerabilities could enable full cloud takeover

Nov 25, 2025 1:51 PM

Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerability

File writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
Fluent Bit: Große Clouddienste durch Bugs in Open-Source-Tool gefährdet

Nov 25, 2025 11:49 AM

Tags: google, microsoft, open-source, tool

Konzerne wie AWS, Microsoft und Google setzen Fluent Bit ein. Angreifer hätten deren Cloudsysteme durch Sicherheitslücken kapern können. First seen on golem.de Jump to article: www.golem.de/news/fluent-bit-grosse-clouddienste-durch-bugs-in-open-source-tool-gefaehrdet-2511-202557.html
New Shai-Hulud worm spreading through npm, GitHub

Nov 25, 2025 5:49 AM

Tags: access, attack, authentication, automation, ciso, cloud, credentials, cybersecurity, data, data-breach, defense, dns, github, identity, login, malicious, malware, mfa, monitoring, network, open-source, phishing, resilience, sans, software, supply-chain, threat, unauthorized, worm

a thousand new GitHub repositories containing harvested victim data were being added every 30 minutes. And researchers at JFrog identified 181 compromised packages.The current campaign introduces a new variant, which Wiz researchers dub Shai-Hulud 2.0, that executes malicious code during the preinstall phase, “significantly increasing potential exposure in build and runtime environments.”The threat leverages…
Hackers Leveraging WhatsApp to Silently Harvest Logs and Contact Details

Nov 25, 2025 1:49 AM

Tags: attack, automation, banking, credentials, cyber, exploit, finance, hacker, malware, open-source, phishing

Security researchers at K7 Labs have uncovered a sophisticated phishing campaign targeting Brazilian users that exploits WhatsApp Web to distribute malware and steal sensitive financial information. The attack leverages open-source WhatsApp automation scripts combined with banking trojans, spreading silently through victims’ contacts while harvesting logs, credentials, and personal data. The campaign, identified as part of…
Shai-Hulud worm returns stronger and more automated than ever before

Nov 25, 2025 12:49 AM

Tags: github, malware, open-source, worm

Self-replicating malware has infected almost 500 open-source packages, exposing more than 26,000 GitHub repositories in less than 24 hours. First seen on cyberscoop.com Jump to article: cyberscoop.com/supply-chain-attack-shai-hulud-npm/
Shai-Hulud worm returns stronger and more automated than ever before

Nov 25, 2025 12:49 AM

Tags: github, malware, open-source, worm

Self-replicating malware has infected almost 500 open-source packages, exposing more than 26,000 GitHub repositories in less than 24 hours. First seen on cyberscoop.com Jump to article: cyberscoop.com/supply-chain-attack-shai-hulud-npm/
Beyond the Dark Web: How OSINT Cyber Intelligence Uncovers Hidden Digital Risks

Nov 24, 2025 11:49 PM

Tags: credentials, cyber, dark-web, data-breach, intelligence, open-source, phishing, risk, threat

Cyber threats no longer hide exclusively in the dark web. Increasingly, the early signs of compromise”, leaked credentials, impersonation accounts, phishing campaigns”, emerge across the surface web, social platforms, and open-source data. To keep up, organizations need visibility that extends beyond the shadows. That’s where OSINT cyber intelligence comes in. Open-Source Intelligence (OSINT) is the…
NDSS 2025 Towards Understanding Unsafe Video Generation

Nov 24, 2025 6:49 PM

Tags: ai, computing, conference, defense, Internet, network, open-source

SESSION Session 3D: AI Safety ———– ———– Authors, Creators & Presenters: Yan Pang (University of Virginia), Aiping Xiong (Penn State University), Yang Zhang (CISPA Helmholtz Center for Information Security), Tianhao Wang (University of Virginia) ———– PAPER Towards Understanding Unsafe Video Generation Video generation models (VGMs) have demonstrated the capability to synthesize high-quality output. It is…
NDSS 2025 Towards Understanding Unsafe Video Generation

Nov 24, 2025 6:49 PM

Tags: ai, computing, conference, defense, Internet, network, open-source

SESSION Session 3D: AI Safety ———– ———– Authors, Creators & Presenters: Yan Pang (University of Virginia), Aiping Xiong (Penn State University), Yang Zhang (CISPA Helmholtz Center for Information Security), Tianhao Wang (University of Virginia) ———– PAPER Towards Understanding Unsafe Video Generation Video generation models (VGMs) have demonstrated the capability to synthesize high-quality output. It is…
NDSS 2025 Towards Understanding Unsafe Video Generation

Nov 24, 2025 6:49 PM

Tags: ai, computing, conference, defense, Internet, network, open-source

SESSION Session 3D: AI Safety ———– ———– Authors, Creators & Presenters: Yan Pang (University of Virginia), Aiping Xiong (Penn State University), Yang Zhang (CISPA Helmholtz Center for Information Security), Tianhao Wang (University of Virginia) ———– PAPER Towards Understanding Unsafe Video Generation Video generation models (VGMs) have demonstrated the capability to synthesize high-quality output. It is…
New Fluent Bit Flaws Expose Cloud to RCE and Stealthy Infrastructure Intrusions

Nov 24, 2025 5:49 PM

Tags: authentication, cloud, cybersecurity, flaw, infrastructure, open-source, rce, remote-code-execution, service, vulnerability

Cybersecurity researchers have discovered five vulnerabilities in Fluent Bit, an open-source and lightweight telemetry agent, that could be chained to compromise and take over cloud infrastructures.The security defects “allow attackers to bypass authentication, perform path traversal, achieve remote code execution, cause denial-of-service conditions, and manipulate tags,” Oligo Security said in First seen on thehackernews.com Jump…
Years-old bugs in open source tool left every major cloud open to disruption

Nov 24, 2025 4:49 PM

Tags: cloud, cve, open-source, tool

Fluent Bit has 15B+ deployments “¦ and 5 newly assigned CVEs First seen on theregister.com Jump to article: www.theregister.com/2025/11/24/fluent_bit_cves/
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

Nov 24, 2025 9:49 AM

Tags: access, cve, exploit, flaw, intelligence, malware, microsoft, open-source, service, threat, update, vulnerability, windows

A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute malware known as ShadowPad.”The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access,” AhnLab Security Intelligence Center (ASEC) said in a report published last week. “They then used PowerCat, an open-source First…
ShadowPad Malware Actively Exploits WSUS Vulnerability for Full System Access

Nov 24, 2025 9:49 AM

Tags: access, cve, exploit, flaw, intelligence, malware, microsoft, open-source, service, threat, update, vulnerability, windows

A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute malware known as ShadowPad.”The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access,” AhnLab Security Intelligence Center (ASEC) said in a report published last week. “They then used PowerCat, an open-source First…