Tag: open-source
-
Self-propagating worm found in marketplaces for Visual Studio Code extensions
Tags: access, application-security, attack, backdoor, backup, best-practice, blockchain, breach, ciso, control, credentials, crime, crypto, cyber, data, data-breach, endpoint, framework, github, gitlab, google, government, identity, incident response, infrastructure, intelligence, least-privilege, login, malicious, malware, marketplace, network, open-source, resilience, risk, sans, security-incident, software, supply-chain, threat, tool, update, wormMarketplaces targeted: The Koi Security report is the latest in a series of warnings that threat actors are increasingly targeting VS Code marketplaces in supply chain attacks. Last week, Koi Security exposed a threat actor dubbed TigerJack spreading malicious extensions. And researchers at Wiz just published research showing the widespread abuse of the OpenVSX and…
-
NDSS 2025 Workshop On Security And Privacy Of Next-Generation Networks (FutureG) 2025, Session 1. Panelists Papers SESSION Opening Remarks, Panel And FutureG 2025 Session 1: AI-Assisted NextG
Tags: 5G, ai, conference, detection, government, Internet, LLM, network, open-source, privacy, vulnerabilityPanelists: Ted K. Woodward, Ph.D. Technical Director for FutureG, OUSD (R&E) Phillip Porras, Program Director, Internet Security Research, SRI Donald McBride, Senior Security Researcher, Bell Laboratories, Nokia This panel aims to bring together various participants and stakeholders from government, industry, and academia to present and discuss recent innovations and explore options to enable recent 5G…
-
Over 120,000 Bitcoin Private Keys Compromised Due to Flaw in Libbitcoin Explorer
A severe vulnerability in the random number generation method of the widely used open-source Bitcoin library Libbitcoin Explorer has led to the exposure of more than 120,000 Bitcoin private keys, putting many digital assets at risk. The flaw, rooted in a predictable pseudo-random number generator, impacted multiple wallet platforms and may explain several historical, unexplained…
-
Over 120,000 Bitcoin Private Keys Compromised Due to Flaw in Libbitcoin Explorer
A severe vulnerability in the random number generation method of the widely used open-source Bitcoin library Libbitcoin Explorer has led to the exposure of more than 120,000 Bitcoin private keys, putting many digital assets at risk. The flaw, rooted in a predictable pseudo-random number generator, impacted multiple wallet platforms and may explain several historical, unexplained…
-
AdaptixC2 Emerges in npm Supply-Chain Exploit Against Developers
Tags: attack, cyber, cybersecurity, exploit, framework, kaspersky, malicious, open-source, risk, software, supply-chain, threatCybersecurity researchers at Kaspersky have uncovered a sophisticated supply chain attack targeting the npm ecosystem, where threat actors distributed the AdaptixC2 post-exploitation framework through a malicious package disguised as a legitimate proxy utility. The discovery highlights the growing risk of open-source software repositories as attack vectors for delivering advanced malware. In October 2025, Kaspersky experts…
-
Building Chromegg: A Chrome Extension for Real-Time Secret Detection
Ever accidentally pasted an API key into a web form? Chromegg is our new Chrome extension that scans form fields in real-time, alerting you BEFORE you submit secrets. Open-source & ready to use! First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/building-chromegg-a-chrome-extension-for-real-time-secret-detection/
-
Network security devices endanger orgs with ’90s era flaws
Tags: access, application-security, apt, authentication, breach, cisa, cisco, citrix, cloud, control, cve, cyber, cybersecurity, dos, email, endpoint, exploit, finance, firewall, firmware, flaw, government, group, incident response, infrastructure, injection, ivanti, jobs, linux, mitigation, mobile, network, open-source, penetration-testing, programming, regulation, remote-code-execution, reverse-engineering, risk, risk-management, router, service, software, threat, tool, vpn, vulnerability, zero-day2024 networking and security device zero-day flaws Product CVE Flaw type CVSS Check Point Quantum Security Gateways and CloudGuard Network Security CVE-2024-24919 Path traversal leading to information disclosure 8.6 (High) Cisco Adaptive Security Appliance CVE-2024-20359 Arbitrary code execution 6.6 (Medium) Cisco Adaptive Security Appliance CVE-2024-20353 Denial of service 8.6 (High) Cisco Adaptive Security Appliance …
-
Nodepass: Open-source TCP/UDP tunneling solution
When you think of network tunneling, “lightweight” and “enterprise-grade” rarely appear in the same sentence. NodePass, an open-source project, wants to change that. It’s a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/20/nodepass-open-source-tcp-udp-tunneling-solution/
-
Nodepass: Open-source TCP/UDP tunneling solution
When you think of network tunneling, “lightweight” and “enterprise-grade” rarely appear in the same sentence. NodePass, an open-source project, wants to change that. It’s a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/20/nodepass-open-source-tcp-udp-tunneling-solution/
-
Ransomware-Gruppe Yurei nutzt Open Source
Sicherheitsforscher von Check Point® Software Technologies Ltd. warnen seit Mitte September 2025 vor einer neuen Ransomware-Bedrohung namens Yurei. Der Name ist ein Begriff aus der japanischen Folklore für rastlose Geister. Die Gruppe verwendet Open Source für ihre Angriffe. Check Point Research … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/10/19/ransomware-gruppe-yurei-nutzt-open-source/
-
Mysterious Elephant APT Breach: Hackers Infiltrate Organization to Steal Sensitive Data
In a recently uncovered campaign, the Mysterious Elephant advanced persistent threat (APT) group has executed a sophisticated series of intrusions against government and foreign policy agencies across the Asia-Pacific region. The latest operations, active since early 2025, rely on custom-built malware modules and modified open-source utilities to target and siphon off documents, images, and archives…
-
Mysterious Elephant APT Breach: Hackers Infiltrate Organization to Steal Sensitive Data
In a recently uncovered campaign, the Mysterious Elephant advanced persistent threat (APT) group has executed a sophisticated series of intrusions against government and foreign policy agencies across the Asia-Pacific region. The latest operations, active since early 2025, rely on custom-built malware modules and modified open-source utilities to target and siphon off documents, images, and archives…
-
NightMARE: A Python Library for Advanced Malware Analysis and Threat Intelligence Extraction
Elastic Security Labs has officially released nightMARE version 0.16, a comprehensive Python library designed to streamline malware analysis and reverse engineering workflows. The open-source tool consolidates multiple analysis capabilities into a single framework, enabling security researchers to extract configuration data and intelligence indicators from widespread malware families more efficiently. The development of nightMARE addresses a…
-
NightMARE: A Python Library for Advanced Malware Analysis and Threat Intelligence Extraction
Elastic Security Labs has officially released nightMARE version 0.16, a comprehensive Python library designed to streamline malware analysis and reverse engineering workflows. The open-source tool consolidates multiple analysis capabilities into a single framework, enabling security researchers to extract configuration data and intelligence indicators from widespread malware families more efficiently. The development of nightMARE addresses a…
-
Kritischer Exploit für Remote-Code-Execution bedroht Redis-Instanzen
Der führende Anbieter für Cloud- und Containersicherheit Sysdig warnt vor einer neu entdeckten, kritischen Sicherheitslücke in Redis, dem weit verbreiteten Open-Source-In-Memory-Datenspeicher. Die Schwachstelle CVE-2025-49844, auch bekannt als ‘RediShell”, ermöglicht die Ausführung von Remote-Code (RCE) und wurde mit der höchsten CVSS-Risikobewertung von 10,0 eingestuft. 13 Jahre alte Schwachstelle ermöglicht vollständige Systemübernahme Die Lücke besteht seit rund…
-
Adobe Issues Urgent Security Updates for Connect, Commerce, and Creative Cloud Apps
Adobe has issued a set of security updates addressing more than 35 vulnerabilities across its product portfolio. These updates include fixes for several critical flaws affecting widely used applications such as Adobe Connect, Adobe Commerce, Magento Open Source, Creative Cloud Desktop, Bridge, Animate, and others. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/adobe-security-update-3/
-
Sysdig warnt vor kritischer Schwachstelle in Redis
‘RediShell” macht deutlich, wie gefährlich übersehene Altlasten im Open-Source-Ökosystem sein können. Selbst eine 13 Jahre alte Codebasis kann zu einem kritischen Einfallstor werden, wenn grundlegende Sicherheitspraktiken wie Authentifizierung, Zugriffskontrolle und Laufzeiterkennung fehlen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sysdig-warnt-vor-kritischer-schwachstelle-in-redis/a42370/
-
Wenn die Software-Lieferkette ins Visier gerät
Digitale Bedrohungen nehmen weltweit kontinuierlich zu. Meldungen über Malware, Ransomware oder DDoS-Attacken gehören bereits zum Alltag. Und auch Angriffe auf Software Supply Chains gibt es immer öfter. Die Täter nehmen dabei gern Marktplätze ins Visier, auf denen Entwickler fertige Software-Bausteine bzw. -Pakete tauschen. Was ist also beim Schwachstellenmanagement zu beachten? Welche Rolle spielt Open Source?…
-
Wenn die Software-Lieferkette ins Visier gerät
Digitale Bedrohungen nehmen weltweit kontinuierlich zu. Meldungen über Malware, Ransomware oder DDoS-Attacken gehören bereits zum Alltag. Und auch Angriffe auf Software Supply Chains gibt es immer öfter. Die Täter nehmen dabei gern Marktplätze ins Visier, auf denen Entwickler fertige Software-Bausteine bzw. -Pakete tauschen. Was ist also beim Schwachstellenmanagement zu beachten? Welche Rolle spielt Open Source?…
-
Maltrail: Open-source malicious traffic detection system
Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/15/maltrail-open-source-malicious-traffic-detection-system/
-
Maltrail: Open-source malicious traffic detection system
Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/15/maltrail-open-source-malicious-traffic-detection-system/
-
Maltrail: Open-source malicious traffic detection system
Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/15/maltrail-open-source-malicious-traffic-detection-system/
-
Discord Weaponized as C2 Server Across Popular Open-Source Package Repositories
Malicious packages on popular registries are abusing Discord webhooks to exfiltrate sensitive files and host telemetry, bypassing traditional C2 infrastructure and blending into legitimate HTTPS traffic. Discord webhooks are simple HTTPS URLs that accept POST requests; they require no credentials beyond possession of the URL, and traffic appears as innocent JSON over port 443. Socket’s…
-
Malicious NPM Packages Used in Sophisticated Developer Cyberattack
In October 2025, security researchers uncovered an unprecedented phishing campaign that weaponizes the npm ecosystem”, not by infecting developers during package installation, but by abusing the unpkg.com CDN as a disposable hosting platform for malicious JavaScript. By seeding over 175 throwaway npm packages, attackers have turned a trusted open source delivery network into a large-scale…
-
Malicious NPM Packages Used in Sophisticated Developer Cyberattack
In October 2025, security researchers uncovered an unprecedented phishing campaign that weaponizes the npm ecosystem”, not by infecting developers during package installation, but by abusing the unpkg.com CDN as a disposable hosting platform for malicious JavaScript. By seeding over 175 throwaway npm packages, attackers have turned a trusted open source delivery network into a large-scale…
-
Free Open-Source Software for Modern Identity and Access Management
Explore free and open-source software options for modern Identity and Access Management (IAM). Enhance security and streamline user access with these powerful tools. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/10/free-open-source-software-for-modern-identity-and-access-management/
-
Threat Actors Exploit Discord Webhooks for C2 via npm, PyPI, and Ruby Packages
Threat actors are increasingly abusing Discord webhooks as covert command-and-control (C2) channels inside open-source packages, enabling stealthy exfiltration of secrets, host telemetry, and developer environment data without standing up bespoke infrastructure. Socket’s Threat Research Team has documented active abuse across npm, PyPI, and RubyGems, where hard-coded Discord webhook URLs act as write-only sinks to siphon…
-
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware.The threat actor’s use of the security utility was documented by Sophos last month. It’s assessed that the…
-
Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks
Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware.The threat actor’s use of the security utility was documented by Sophos last month. It’s assessed that the…
-
Intel’s open source future in question as exec says he’s done carrying the competition
Tags: open-sourceKevork Kechichian says x86 giant’s contributions should benefit Intel first First seen on theregister.com Jump to article: www.theregister.com/2025/10/09/intel_open_source_commitment/