Tag: open-source
-
From malware to deepfakes, generative AI is transforming attacks
Generative AI is even helping hackers trick open-source developers into using malicious code, according to Gartner. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-cyberattacks-malware-open-source-phishing-gartner/750283/
-
From malware to deepfakes, Gen AI is transforming cyberattacks
Generative AI is even helping hackers trick open-source developers into using malicious code, according to Gartner. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-cyberattacks-malware-open-source-phishing-gartner/750283/
-
ISPConfig Vulnerability Allows Privilege Escalation to Superadmin and PHP Code Injection Exploit
A critical security vulnerability has been identified in ISPConfig version 3.2.12p1, a widely used open-source web hosting control panel. The vulnerability allows authenticated attackers to escalate their privileges to that of a superadmin and execute arbitrary PHP code remotely, posing a serious risk to affected systems. The vulnerability primarily originates from design Vulnerability in ISPConfig’s…
-
Mirai botnets exploit Wazuh RCE, Akamai warned
Tags: botnet, compliance, cve, data, detection, exploit, flaw, open-source, rce, remote-code-execution, threat, vulnerability
Mirai botnets are exploiting CVE-2025-24016, a critical remote code execution flaw in Wazuh servers, Akamai warned. Akamai researchers warn that multiple Mirai botnets exploit the critical remote code execution vulnerability CVE-2025-24016 (CVSS score of 9.9) affecting Wazuh servers. Wazuh is an open-source security platform used for threat detection, intrusion detection, log data analysis, and compliance…
-
Unpatched Wazuh servers targeted by Mirai botnets (CVE-2025-24016)
Two Mirai botnets are exploiting a critical remote code execution vulnerability (CVE-2025-24016) in the open-source Wazuh XDR/SIEM platform, Akamai researchers have warned. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/10/unpatched-wazuh-servers-targeted-by-mirai-botnets-cve-2025-24016/
-
Mirai Botnets Exploit Flaw in Unpatched Wazuh Servers
Modular Mirai Malware Code Strikes Again. No fewer than two separate Mirai botnets are on the hunt for unpatched servers hosting open source SIEM solution Wazuh, an unusual variation of hackers’ typical focus on Internet of Things devices for stringing together infected computers. Akamai dates the first campaign to March, the other to May. First…
-
What’s New in CodeSentry 7.2
Explore the latest features and enhancements in CodeSentry 7.2! CodeSentry 7.2 SaaS introduces AI Component Detection, which highlights the use of Artificial Intelligence (AI) or Machine Learning (ML) software packages in the Software Bill Of Materials using component tags. This includes the most popular open source tools such as TensorFlow and SciKit among many others. …
-
Unverified code is the next national security threat
Congress and federal agencies can take some simple steps to better protect open-source software. First seen on cyberscoop.com Jump to article: cyberscoop.com/unverified-code-is-the-next-national-security-threat-op-ed/
-
fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic
fiddleitm is an open-source tool built on top of mitmproxy that helps find malicious web traffic. It works by checking HTTP requests and responses for known patterns that … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/09/fiddleitm-open-source-mitmproxy-add-on-identify-malicious-web-traffic/
-
From StackStorm to DeepTempo
And what does it tell us about Cybersecurity? As the founding CEO of StackStorm and now DeepTempo, I’ve seen how the needs of CISOs and SOCs have changed over the last 10+ years. New challenges and a better color scheme! When we started StackStorm, the cybersecurity landscape was different. Our power users rarely asked for more alerts…
-
Hundreds of Malicious GitHub Repos Targeting Novice Cybercriminals Traced to Single User
Sophos X-Ops researchers have identified over 140 GitHub repositories laced with malicious backdoors, orchestrated by a single threat actor associated with the email address ischhfd83[at]rambler[.]ru. Initially sparked by a customer inquiry into the Sakura RAT, a supposed open-source malware touted for its “sophisticated anti-detection capabilities,
-
Millions of Android devices roped into Badbox 2.0 botnet. Is yours among them?
Millions of Internet-of-Things (IoT) devices running the open-source version of the Android operating system are part of the Badbox 2.0 botnet, the FBI has warned. Cyber … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/06/millions-of-android-devices-roped-into-badbox-2-0-botnet-is-yours-among-them/
-
Critical FreeRTOS-Plus-TCP Flaw Allows Code Execution or System Crash
A critical memory corruption vulnerability, tracked as CVE-2025-5688, has been disclosed in FreeRTOS-Plus-TCP, Amazon’s open-source TCP/IP stack widely used in embedded and IoT devices. The flaw, rated 8.4 (High) on the CVSS scale, is rooted in how the stack processes Link-Local Multicast Name Resolution (LLMNR) and Multicast DNS (mDNS) queries containing excessively long DNS names,…
-
BADBOX 2.0 Malware Hits Over a Million Android Devices in Global Cyber Threat
HUMAN’s Satori Threat Intelligence and Research team, in collaboration with Google, Trend Micro, and Shadowserver, has uncovered and partially disrupted a massive cyber fraud operation named BADBOX 2.0. This operation, an evolved iteration of the original BADBOX malware disclosed in 2023, has infected over 1 million Android Open Source Project (AOSP) devices worldwide, marking it…
-
Open-source Chaos RAT used in recent attacks targeting Linux
First seen on scworld.com Jump to article: www.scworld.com/news/open-source-chaos-rat-used-in-recent-attacks-targeting-linux
-
New Chaos RAT Targets Linux and Windows Users to Steal Sensitive Data
A new wave of cyber threats has emerged with the discovery of updated variants of Chaos RAT, a notorious open-source remote administration tool (RAT) first identified in 2022. As reported by Acronis TRU researchers in their recent 2025 analysis, this malware continues to evolve, targeting both Linux and Windows environments with sophisticated capabilities for espionage…
-
Hacker selling critical Roundcube webmail exploit as tech info disclosed
Hackers are actively exploiting CVE-2025-49113, a critical vulnerability in the widely used Roundcube open-source webmail application that allows remote execution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hacker-selling-critical-roundcube-webmail-exploit-as-tech-info-disclosed/
-
Odoo Employee Database Allegedly Exposed and Put Up for Sale on Dark Web
A data breach has reportedly struck Odoo, a leading Belgian provider of open-source business management software. On June 5, 2025, a 63.4MB employee database, allegedly sourced through a “collaborative effort with a senior insider”, was advertised for sale on a dark web forum. The seller is demanding $25,000 in Monero (XMR) or Bitcoin (BTC) for…
-
Microsoft launches European Security Program to counter nation-state threats
Tags: access, ai, attack, blizzard, cloud, control, country, crime, crimes, cyber, cybercrime, cybersecurity, framework, google, government, group, infrastructure, intelligence, malicious, malware, microsoft, network, open-source, resilience, russia, service, strategy, threat, vulnerability
Three-component strategy: The European Security Program will operate through three main components designed to strengthen continental cyber defenses. The first element centers on enhanced threat intelligence sharing, where Microsoft will provide European governments with AI-enhanced, real-time insights into nation-state tactics. The company’s Digital Crimes Unit will expand intelligence sharing through the Cybercrime Threat Intelligence Program, giving European…
-
Supply chain attack hits RubyGems to steal Telegram API data
Risk may extend past the regional ban: The malicious packages (Gems) were published by the threat actor on May 24, 2025, three days after Vietnam’s Ministry of Information and Communications ordered a nationwide ban on Telegram and gave internet service providers until June 2 to report compliance. Apart from the timing, the aliases used by the…
-
Backdoor in the code: Hacker tricks script kiddies with fake trojan
Anyone searching GitHub for open-source trojans should exercise caution. The projects frequently contain a dangerous backdoor. First seen on golem.de Jump to article: www.golem.de/news/backdoor-im-code-hacker-trickst-scriptkiddies-mit-fake-trojaner-aus-2506-196875.html
-
Meta open-sources AI tool to automatically classify sensitive documents
Meta has released an open source AI tool called Automated Sensitive Document Classification. It was originally built for internal use and is designed to find sensitive … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/05/meta-open-source-automated-sensitive-document-classification-tool/
-
Open-source code repos open to supply chain attacks, researchers warn
First seen on scworld.com Jump to article: www.scworld.com/news/open-source-code-repos-open-to-supply-chain-attacks-researchers-warn
-
Chaos RAT Malware Targets Windows and Linux via Fake Network Tool Downloads
Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems. According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments. “Chaos RAT is…
-
Malicious PyPI, npm, and Ruby Packages Exposed in Ongoing Open-Source Supply Chain Attacks
Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating the variety of supply chain threats lurking in open-source ecosystems. The findings come from multiple reports published by Checkmarx, First seen on thehackernews.com…
-
The Texting Network for the End of the World
Everyone knows what it’s like to lose cell service. A burgeoning open source project called Meshtastic is filling the gap for when you’re in the middle of nowhere, or when disaster strikes. First seen on wired.com Jump to article: www.wired.com/story/youre-not-ready-for-phone-dead-zones/
-
Google patches third zero-day flaw in Chrome this year
Vulnerability in the JavaScript engine: The Chrome team described the vulnerability as an out of bounds memory read and write in V8, which is Chrome’s JavaScript and WebAssembly engine. The open-source V8 engine is used in other projects as well, including the Node.js runtime. Because the engine is designed to interpret and execute JavaScript and…

