Tag: open-source
-
nopCommerce Flaw Lets Attackers Access Accounts Using Captured Cookies
Security researchers have uncovered a serious vulnerability in nopCommerce, a popular open-source ecommerce platform used by major companies, including Microsoft, Volvo, and BMW. The flaw allows attackers to hijack user accounts by exploiting captured session cookies, even after legitimate users have logged out. Field Details CVE ID CVE-2025-11699 Vulnerability Title Insufficient Session Cookie Invalidation Platform…
-
Evilginx Attack Techniques Allow Hackers to Defeat MFA Through SSO Phishing
Tags: attack, authentication, credentials, cyber, framework, hacker, login, mfa, open-source, phishing, threatA sophisticated threat actor has been conducting a persistent phishing campaign against United States educational institutions since April 2025, leveraging the open-source Evilginx framework to bypass multi-factor authentication (MFA). The campaign, which has targeted at least 18 universities to date, utilizes adversary-in-the-middle (AiTM) techniques to intercept login credentials and session cookies by mimicking legitimate single…
-
SmartTube Android TV App Compromised After Signing Keys Leak
SmartTube, a popular open-source YouTube client for Android TV devices with over 25,900 GitHub stars, has been compromised after its digital signing keys were exposed, prompting an urgent security response from developer Yurii Liskov (yuliskov). The incident, disclosed on November 27, 2025, has forced affected users to reinstall the application under a new digital signature…
-
Evilginx Attack Techniques Allow Hackers to Defeat MFA Through SSO Phishing
Tags: attack, authentication, credentials, cyber, framework, hacker, login, mfa, open-source, phishing, threatA sophisticated threat actor has been conducting a persistent phishing campaign against United States educational institutions since April 2025, leveraging the open-source Evilginx framework to bypass multi-factor authentication (MFA). The campaign, which has targeted at least 18 universities to date, utilizes adversary-in-the-middle (AiTM) techniques to intercept login credentials and session cookies by mimicking legitimate single…
-
OpenVPN Flaws Allow Hackers to Launch DoS Attacks and Bypass Security Checks
Security researchers have uncovered three significant vulnerabilities in OpenVPN, one of the world’s most trusted open-source virtual private network (VPN) solutions. The discovered flaws could allow attackers to crash VPN services, bypass essential security checks, or read sensitive memory data. The OpenVPN development team has released urgent updates to address these issues, and administrators are…
-
OpenVPN Flaws Allow Hackers to Launch DoS Attacks and Bypass Security Checks
Security researchers have uncovered three significant vulnerabilities in OpenVPN, one of the world’s most trusted open-source virtual private network (VPN) solutions. The discovered flaws could allow attackers to crash VPN services, bypass essential security checks, or read sensitive memory data. The OpenVPN development team has released urgent updates to address these issues, and administrators are…
-
SmartTube YouTube app for Android TV breached to push malicious update
The popular open-source SmartTube YouTube client for Android TV was compromised after an attacker gained access to the developer’s signing keys, leading to a malicious update being pushed to users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/smarttube-youtube-app-for-android-tv-breached-to-push-malicious-update/
-
Microsoft gives Windows admins a legacy migration headache with WINS sunset
Tags: attack, control, cyber, dns, exploit, hacker, infrastructure, malicious, microsoft, network, open-source, penetration-testing, risk, service, technology, tool, vulnerability, windowsWhy WINS is still in use: Organizations still using WINS are likely to fall into one of two categories: those using it to support old technologies with long lifecycles such as operational technology (OT) systems, and those that have simply half-forgotten that they are still using it.”For OT stacks built around WINS/NetBIOS, replacing them isn’t…
-
Linux 6.18 Rolls Out With Major Hardware Support Upgrades and Driver Enhancements
Linus Torvalds has officially released Linux 6.18, the latest stable version of the Linux kernel. The announcement came on Sunday, November 30, 2025, marking another milestone for the open-source operating system that powers everything from smartphones to supercomputers. Torvalds shared the news through the Linux kernel mailing list, noting that while there was more bugfixing…
-
Schwachstellen in Fluent Bit gefährdeten USInstanzen
Cloud-Anbieter wie AWS, Microsoft oder Google verwenden die Open Source-Software Fluent Bit zur Erfassung von Telemetriedaten (Monitoring). Gleich fünf Schwachstellen in dieser Software hätten die Remote-Übernahme von Containern, die auf den entsprechenden Cloud-Instanzen gehostet wurden, ermöglichet. Nutzer sollten die Software … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/30/schwachstellen-in-oss-tool-fluent-bit-gefaehrdete-us-cloud-instanzen/
-
KawaiiGPT: A Free WormGPT Clone Using DeepSeek, Gemini, and Kimi-K2 Models
A new open-source tool called KawaiiGPT has surfaced on GitHub, positioning itself as a >>cute>jailbroken>WormGPT kawaii ver,
-
Neues ToddyCat-Toolkit greift Outlook und Microsoft-Token an
Tags: access, apt, backdoor, browser, chrome, cloud, cyberattack, exploit, governance, government, Internet, kaspersky, mail, microsoft, open-source, powershell, tool, update, vulnerability, windowsDie APT-Gruppe ToddyCat hat ihren Fokus auf den Diebstahl von Outlook-E-Mail-Daten und Microsoft 365-Zugriffstoken verlagert.Forscher von Kaspersky Labs haben festgestellt, dass sich die APT-Gruppe (Advanced Persistent Threat) ToddyCat jetzt darauf spezialisiert hat, Outlook-E-Mail-Daten und Microsoft 365-Zugriffstoken zu stehlen.Demnachhat die Hackerbande ihr Toolkit Ende 2024 und Anfang 2025 weiterentwickelt, um nicht nur wie bisher Browser-Anmeldedaten zu…
-
Hottest cybersecurity open-source tools of the month: November 2025
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Heisenberg: … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/27/hottest-cybersecurity-open-source-tools-of-the-month-november-2025/
-
CrewAI GitHub Token Exposure Highlights the Growing Risk of Static Credentials in AI Systems
3 min readAs AI platforms grow more complex and interdependent, small failures can cast long shadows. That’s what happened inside the open-source CrewAI platform, where a vulnerability in its error-handling logic surfaced during a provisioning failure. The resulting “exception response” the message a service returns when it encounters an unhandled error during a request contained……
-
CrewAI GitHub Token Exposure Highlights the Growing Risk of Static Credentials in AI Systems
3 min readAs AI platforms grow more complex and interdependent, small failures can cast long shadows. That’s what happened inside the open-source CrewAI platform, where a vulnerability in its error-handling logic surfaced during a provisioning failure. The resulting “exception response” the message a service returns when it encounters an unhandled error during a request contained……
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
ToddyCat APT evolves to target Outlook archives and Microsoft 365 tokens
Outlook in the Crosshairs: Another evolution involves accessing actual mail data. ToddyCat deployed a tool named TCSectorCopya C++ utility that opens the disk as a read-only device and copies Outlook’s offline storage files (OST) sector by sector, bypassing any file-lock mechanisms that Outlook may enforce.Once OST files are extracted, they are fed into XstReader, an…
-
DeepTeam: Open-source LLM red teaming framework
Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/26/deepteam-open-source-llm-red-teaming-framework/
-
DeepTeam: Open-source LLM red teaming framework
Security teams are pushing large language models into products faster than they can test them, which makes any new red teaming method worth paying attention to. DeepTeam is an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/26/deepteam-open-source-llm-red-teaming-framework/
-
MySQL 8.0 fällt am 30. April 2026 aus dem Support
Baut sich ein weiteres Software-Problem in der IT-Landschaft auf? Das Open Source-Datenbanksystem MySQL ist sehr populär und breit im Einsatz. Aber MySQL 8.0 fällt am 30. April 2026 aus dem Support. Andererseits sieht es so aus, dass weniger als einem … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/26/mysql-8-0-faellt-am-30-april-2026-aus-dem-support/
-
Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level
Tags: access, apple, attack, crypto, cryptography, data, exploit, government, group, infrastructure, open-source, rust, vulnerabilityTrail of Bits has developed constant-time coding support for LLVM 21, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. This work introduces the __builtin_ct_select family of intrinsics and supporting infrastructure that prevents the Clang compiler, and potentially other compilers built with LLVM, from inadvertently breaking carefully crafted constant-time…
-
Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level
Tags: access, apple, attack, crypto, cryptography, data, exploit, government, group, infrastructure, open-source, rust, vulnerabilityTrail of Bits has developed constant-time coding support for LLVM 21, providing developers with compiler-level guarantees that their cryptographic implementations remain secure against branching-related timing attacks. This work introduces the __builtin_ct_select family of intrinsics and supporting infrastructure that prevents the Clang compiler, and potentially other compilers built with LLVM, from inadvertently breaking carefully crafted constant-time…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Fluent Bit vulnerabilities could enable full cloud takeover
Tags: backdoor, cloud, computing, container, cve, docker, flaw, malicious, open-source, remote-code-execution, vulnerabilityFile writes, container overflow, and full agent takeover: Oligo also disclosed a chain of remote code execution (RCE) and path traversal vulnerabilities affecting the tool. CVE-2025-12972 targets the “out_file” output plugin. When Tag values are user-controlled, and no fixed File parameter is set, attackers can abuse the Tag value (e.g.,”../”) to cause path-traversal file writes…
-
Apache Syncope Passwords at Risk from Newly Disclosed CVE-2025-65998
A critical security flaw has been uncovered in Apache Syncope, the widely used open-source identity management system, potentially putting organizations at risk of exposing sensitive password information. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/apache-syncope-cve-2025-65998-flaw/