Tag: open-source
-
35 open-source security tools to power your red team, SOC, and cloud security
This article showcases free, open-source security tools that support your organization’s teams in red teaming, threat hunting, incident response, vulnerability scanning, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/18/free-open-source-security-tools/
-
35 open-source security tools to power your red team, SOC, and cloud security
This article showcases free, open-source security tools that support your organization’s teams in red teaming, threat hunting, incident response, vulnerability scanning, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/18/free-open-source-security-tools/
-
New Chaos RAT Variants Targeting Windows and Linux Systems to Steal Sensitive Data
The Acronis Threat Research Unit has identified new variants of Chaos RAT, a remote administration tool (RAT) that has evolved from an open-source project first observed in 2022 into a formidable multi-platform malware. These latest iterations of Chaos RAT are now targeting both Windows and Linux systems, showcasing an alarming level of sophistication through phishing-driven…
-
Malicious PyPI package targets Chimera users to steal AWS tokens, CI/CD secrets
Tags: attack, control, exploit, malicious, monitoring, open-source, pypi, rce, remote-code-execution, supply-chainProtection needs a multi-layered approach: Experts are treating the chimera-sandbox-extension incident as more than just another malicious package takedown. While JFrog acted quickly”, alerting PyPI maintainers, removing the package, and updating its Xray scannerresearchers agree that a one-time fix isn’t enough.”Within the last five years, attackers have leveraged PyPI and other package managers to exploit…
-
Water Curse Hacker Group Uses 76 GitHub Accounts to Spread Multistage Malware
A newly identified threat actor known as Water Curse has been linked to a sprawling campaign utilizing at least 76 GitHub accounts to distribute weaponized repositories packed with multistage malware. This financially motivated group leverages the inherent trust in open-source platforms to target a diverse range of victims, including cybersecurity professionals, red teamers, penetration testers,…
-
Cross-Site Scripting (XSS) Schwachstelle CVE-2025-4123 in Grafana
In der Open-Source-Software Grafana wurde die Tage eine Cross-Site Scripting (XSS) Schwachstelle CVE-2025-4123 öffentlich. Es ist ein kritischer offener Redirect-Fehler in Grafana, der zur Übernahme von Konten führen könnte. Updaten ist angesagt, aber Tausende Grafana-Instanzen sind per Internet erreichbar. Grafana … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/17/cross-site-scripting-xss-schwachstelle-cve-2025-4123-in-grafana/
-
Apache Tomcat Flaws Allow Auth Bypass and DoS Attacks
Tags: apache, attack, authentication, cyber, dos, flaw, open-source, service, software, update, vulnerabilityThe Apache Software Foundation has released critical security updates to address four newly discovered vulnerabilities in Apache Tomcat, one of the world’s most widely used open-source Java servlet containers. These flaws, affecting Tomcat versions 9.0, 10.1, and 11.0, expose systems to denial-of-service (DoS) attacks, privilege escalation, installer abuse, and authentication bypass, prompting urgent calls for…
-
LinuxFest Northwest: Beyond ARIA Labels What A Blind Film Enthusiast Can Teach Us About Open Source
Authors/Presenters: José Ibañez (CEO at Blind Penguin), Raissa Ibañez (Manager At Blind Penguin) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham Technical College in Bellingham, Washington; and…
-
New quantum system offers publicly verifiable randomness for secure communications
Tags: blockchain, communications, crypto, cyber, cybersecurity, docker, email, finance, government, Hardware, infrastructure, open-source, software, technology, threat, toolNature and detailed in an accompanying arXiv preprint, CURBy leverages the phenomenon of quantum entanglement, where particles maintain interconnected states regardless of distance, to create fundamentally unpredictable outputs.”From a security perspective, this approach offers something valuable the ability to independently verify that random numbers haven’t been compromised,” noted Narayan Gokhale, vice president at QKS Group.…
-
MDEAutomator: Open-source endpoint management, incident response in MDE
Managing endpoints and responding to security incidents in Microsoft Defender for Endpoint (MDE) can be time-consuming and complex. MDEAutomator is an open-source tool … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/16/mdeautomator-open-source-automation-microsoft-defender-for-endpoint-mde/
-
LinuxFest Northwest: Clonezilla Live On RISC-V Crafting Open Source Live Systems For Open Hardware
Authors/Presenters: Steven Shiau (Clonezilla Project Leader); Yu-Chin Tsai (Clonezilla NCHC Partclone); Chen-Kai Sun (Clonezilla Project / Engineer In NCHC) Our sincere appreciation to LinuxFest Northwest (Now Celebrating Their Organizational 25th Anniversary Of Community Excellence), and the Presenters/Authors for publishing their superb LinuxFest Northwest 2025 video content. Originating from the conference’s events located at the Bellingham…
-
Dark web AI service abuses legitimate open-source models
First seen on scworld.com Jump to article: www.scworld.com/news/dark-web-ai-service-abuses-legitimate-open-source-models
-
Unusual Toolset Behind Fog Ransomware Prompts Fresh Security Concerns
A newly discovered ransomware operation dubbed Fog is raising fresh concerns in the cybersecurity community after researchers found it leveraging a highly unusual mix of legitimate business software and open-source offensive security tools. The campaign, observed in June 2025, is part of a growing trend where cybercriminals are repurposing trusted programs to evade traditional detection…
-
Danish government agency to ditch Microsoft software in push for digital independence
Denmark’s digital affairs ministry says it plans to switch to the open source LibreOffice software and away from Microsoft products as part of an effort to make the government more digitally independent. First seen on therecord.media Jump to article: therecord.media/denmark-digital-agency-microsoft-digital-independence
-
Threat Actor Abuses TeamFiltration for Entra ID Account Takeovers
Proofpoint researchers discovered a large-scale campaign using the open source penetration-testing framework that has targeted more than 80,000 Microsoft accounts. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/threat-actor-teamfiltration-entra-id-attacks
-
Fog ransomware gang abuses employee monitoring tool in unusual multi-stage attack
Tags: attack, china, cloud, control, corporate, encryption, espionage, exploit, google, group, intelligence, microsoft, monitoring, network, open-source, penetration-testing, ransomware, service, threat, toolOpen-source pen testers for executing commands: Another peculiarity observed in the attack was the use of open-source penetration testing tools, like GC2 and Adaptix C2, rarely seen with ransomware attacks.Google Command and Control (GC2) is an open-source post-exploitation tool that allows attackers to control compromised systems using legitimate cloud services like Google Sheets and Google…
-
Fog Ransomware Uses Pentesting Tools to Steal Data and Launch Attacks
Tags: attack, breach, cyber, cybercrime, cybersecurity, data, data-breach, finance, hacker, monitoring, network, open-source, penetration-testing, ransomware, software, tactics, toolFog ransomware incidents in recent years have exposed a dangerous new trend in cybercrime: hackers are using open-source penetration testing tools and genuine staff monitoring software to breach networks, steal confidential data, and initiate ransomware attacks. This unprecedented blend of tactics has targeted major financial institutions, raising alarms among cybersecurity professionals. Unprecedented Toolset in a…
-
Malware attack disguises itself as DeepSeek installer
Cybercriminals are exploiting the growing interest in open source AI models by disguising malware as a legitimate installer for DeepSeek. First seen on grahamcluley.com Jump to article: grahamcluley.com/malware-attack-disguises-itself-as-deepseek-installer/
-
Fog ransomware uses legit monitoring software, open-source tools
First seen on scworld.com Jump to article: www.scworld.com/news/fog-ransomware-uses-legit-monitoring-software-and-open-source-tools
-
ZeroRISC Raises $10M to Scale Open-Source Silicon Security
Tags: open-sourceFirst seen on scworld.com Jump to article: www.scworld.com/brief/zerorisc-raises-10m-to-scale-open-source-silicon-security
-
Neues GenAI-Tool soll Open-Source-Sicherheit erhöhen
Tags: ai, bug, chatgpt, cvss, exploit, github, incident response, linux, LLM, open-source, tool, update, vulnerabilityEin neu entwickeltes GenAI-Tool soll helfen, Schwachstellen in großen Open-Source-Repositories zu erkennen und zu patchen.Niederländische und iranische Sicherheitsforscher haben ein neues Tool auf Basis von generativer KI (GenAI) ins Leben gerufen, das Plattformen wie ChatGPT ermöglichen soll, Bugs in Code-Repositories zu erkennen und zu patchen.Die Anwendung wurde getestet, indem GitHub nach einer bestimmten Schwachstelle durch…
-
Black Duck Elevates Leadership with New Chief Product Technology Officer
Black Duck has announced the appointment of Dipto Chakravarty as Chief Product & Technology Officer. Mr. Chakravarty brings a 30+ year track record of leading product development and technology teams, with domain expertise in AI, data intelligence, cloud security, and open-source technologies. At Black Duck, he will drive the product strategy, product management, and R&D…
-
Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)
For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/11/microsoft-fixes-zero-day-exploited-for-cyber-espionage-cve-2025-33053/
-
Apache CloudStack Flaw Allows Attackers to Execute Privileged Actions
Apache CloudStack, a leading open-source cloud management platform, has announced the immediate availability of new Long-Term Support (LTS) releases”, version 4.19.3.0 and 4.20.1.0″, to address multiple critical security vulnerabilities. The advisory, published by PMC member Pearl Dsilva on June 10, 2025, highlights five distinct vulnerabilities, two of which are rated critical and pose significant risks…
-
Microsoft fixes zero-day exploited for cyber espionage (CVE-2025-33053)
For June 2025 Patch Tuesday, Microsoft has fixed 66 new CVEs, including a zero-day exploited in the wild (CVE-2025-33053). Also, Adobe Commerce and Magento Open Source users … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/11/microsoft-fixes-zero-day-exploited-for-cyber-espionage-cve-2025-33053/
-
OWASP Nettacker: Open-source scanner for recon and vulnerability assessment
OWASP Nettacker is a free, open-source tool designed for network scanning, information gathering, and basic vulnerability assessment. Built and maintained by the OWASP … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/11/owasp-nettacker-open-source-scanner/
-
Is attacker laziness enabled by genAI shortcuts making them easier to catch?
Tactics of attackers: The OpenAI report, published in June, detailed a variety of defenses the company has deployed against fraudsters. One, for example, involved bogus job applications.”We identified and banned ChatGPT accounts associated with what appeared to be multiple suspected deceptive employment campaigns. These threat actors used OpenAI’s models to develop materials supporting what may…
-
Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw
Two Mirai variants integrate the exploit: The first botnet exploiting CVE-2025-24016 was detected by Akamai in March and used a proof-of-concept (PoC) exploit that was published for the vulnerability in late February. That exploit targets the /security/user/authenticate/run_as API endpoint.The second botnet was detected in early May and targeted the /Wazuh endpoint, but the exploit payload…
-
Critical Wazuh bug exploited in growing Mirai botnet infection
The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too First seen on theregister.com Jump to article: www.theregister.com/2025/06/10/critical_wazuh_bug_exploited_in/