Tag: open-source
-
Wormable Malware Triggers GitHub’s Push for Stronger npm Security
GitHub is tightening npm publishing rules after a wormable malware attack exposed weaknesses in the open source supply chain. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/news/wormable-malware-triggers-githubs-push-for-stronger-npm-security/
-
OpenSSF warns that open source infrastructure doesn’t run on thoughts and prayers
Foundations say billions of downloads rely on registries running on fumes and someone’s gotta pay the bills First seen on theregister.com Jump to article: www.theregister.com/2025/09/23/openssf_open_source_infrastructure/
-
GitHub Introduces npm Security with Stronger Authentication and Trusted Publishing
Open source software powers much of today’s technology, enabling developers around the world to build and share tools, libraries, and applications. However, the same openness that drives innovation also presents serious security challenges. Attackers regularly target package registries like npm to compromise accounts and inject malicious code. In response, GitHub has announced significant updates to…
-
TDL 005 – A Defender’s Journey: From Passion Project to Protecting Children Online
Tags: access, business, control, corporate, country, cyber, cybersecurity, data-breach, defense, dns, encryption, endpoint, finance, github, government, group, guide, identity, Internet, jobs, microsoft, network, open-source, privacy, risk, service, technology, tool, zero-trustSummary A Defender’s Journey: From Passion Project to Protecting Children Online In a recent episode of “The Defender’s Log,” host David Redekop sat down with cybersecurity expert Will Earp to discuss his unconventional path into the industry and his current mission-driven career. Earp, a self-proclaimed “tinkerer” from a young age, shared how his early fascination…
-
Cybersecurity AI (CAI): Open-source framework for AI security
Cybersecurity AI (CAI) is an open-source framework that helps security teams build and run AI-driven tools for offensive and defensive tasks. It’s designed for anyone working … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/22/cybersecurity-ai-cai-open-source-framework-ai-security/
-
Neue Hacker-Gruppe Yurei nutzt Open-Source-Code für Angriffe
Eine neue Ransomware-Gruppe namens Yurei japanisch für “rastlose Geister” hat binnen weniger Tage Unternehmen in Sri Lanka, Indien und Nigeria angegriffen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/neue-hacker-gruppe-yurei
-
Neue Ransomware-Gruppe Yurei: Open-Source-Code erleichtert weltweite Angriffe
Check Point Software Technologies warnt vor einer neuen Ransomware-Bedrohung namens Yurei, ein Begriff aus der japanischen Folklore für rastlose Geister. Check Point Research hat die Gruppe am 5. September 2025 erstmals entdeckt. Bereits in der ersten Woche konnte Yurei drei Unternehmen auf seiner Leak-Seite im Darknet aufführen: Sri Lanka: Ein Lebensmittelhersteller wurde als erstes Opfer kompromittiert.…
-
New Wave of Self-Replicating NPM Malware Exposes Critical Gaps in Software Supply Chain Security
The Shai-Hulud NPM worm highlights rising open-source supply chain threats. Secure builds with SBOMs, MFA, signed packages, and zero-trust defenses. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/new-wave-of-self-replicating-npm-malware-exposes-critical-gaps-in-software-supply-chain-security/
-
Where CISOs need to see Splunk go next
Tags: ai, api, automation, cisco, ciso, cloud, communications, compliance, conference, crowdstrike, cybersecurity, data, data-breach, detection, finance, framework, google, incident response, intelligence, jobs, metric, microsoft, open-source, RedTeam, resilience, risk, router, siem, soar, strategy, tactics, threat, tool, vulnerabilityResilience resides at the confluence of security and observability: There was also a clear message around resilience, the ability to maintain availability and recover quickly from any IT or security event.From a Cisco/Splunk perspective, this means a more tightly coupled relationship between security and observability.I’m reminded of a chat I had with the chief risk…
-
Open-Source Tool Greenshot Hit by Severe Code Execution Vulnerability
A security vulnerability has been discovered in Greenshot, the widely used open-source screenshot tool for Windows. The Greenshot vulnerability exposes to the risk of arbitrary code execution, potentially allowing attackers to bypass established security protocols and launch further malicious activities. A proof-of-concept (PoC) exploit has already been released, drawing attention to the critical nature of…
-
Malicious PyPI Packages Deliver SilentSync RAT
IntroductionZscaler ThreatLabz regularly monitors for threats in the popular Python Package Index (PyPI), which contains open source libraries that are frequently used by many Python developers. In July 2025, a malicious Python package named termncolor was identified by ThreatLabz. Just a few weeks later, on August 4, 2025, ThreatLabz uncovered two more malicious Python packages…
-
DEF CON 33: Dreadwware Interviews Jordan Kasper On Open Source In Government
Creators, Authors and Presenters: Dreadwware & Jordan Kasper Our sincere appreciation to DEF CON, and the Creators/Presenters/Authors for publishing their timely DEF CON 33 outstanding content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/def-con-33-dreadwware-interviews-jordan-kasper-on-open-source-in-government/
-
Open Source: Drei von vier Unternehmen in Deutschland bereits Nutzer
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/open-source-75-prozent-unternehmen-deutschland-nutzer
-
How Tenable Found a Way To Bypass a Patch for BentoML’s Server-Side Request Forgery Vulnerability CVE-2025-54381
Tenable Research recently discovered that the original patch for a critical vulnerability affecting BentoML could be bypassed. In this blog, we explain in detail how we discovered this patch bypass in this widely used open source tool. The vulnerability is now fully patched. Key takeaways Tenable Research discovered that the initial patch for a high-severity…
-
New Shai-hulud Worm Infecting npm Packages With Millions of Downloads
ReversingLabs discovers >>Shai-hulud,
-
Chaos Mesh Critical Vulnerabilities Expose Kubernetes Clusters to Takeover
Security Research recently uncovered four new flaws, CVE-2025-59358, CVE-2025-59359, CVE-2025-59360, and CVE-2025-59361, in the default configuration of the Chaos Controller Manager GraphQL server, a popular open-source chaos engineering platform for Kubernetes. Three of these flaws carry a maximum CVSS 3.1 score of 9.8, enabling any pod in the cluster to run arbitrary commands or inject…
-
Hackers Exploit AdaptixC2, an Emerging Open-Source C2 Tool
In early May 2025, Unit 42 researchers observed that AdaptixC2 was used to infect several systems. While many C2 frameworks garner public attention, AdaptixC2 has remained largely under the radar”, until Unit 42 documented its deployment by real-world threat actors. This article examines AdaptixC2’s capabilities, recent infection scenarios, and guidance for defenders to anticipate and…
-
5 steps for deploying agentic AI red teaming
Tags: access, ai, application-security, attack, automation, blizzard, business, cloud, control, data, defense, exploit, framework, gartner, governance, infrastructure, malicious, open-source, RedTeam, risk, risk-assessment, service, software, threat, tool, zero-trustFive steps to take towards implementing agentic red teaming: 1. Change your attitude Perhaps the biggest challenge for agentic red teaming is adjusting your perspective in how to defend your enterprise. “The days where database admins had full access to all data are over,” says Suer. “We need to have a fresh attitude towards data…
-
Supply Chain Attack >>Shai-Halud<< Targets 477 NPM Packages
A major supply chain attack dubbed >>Shai-Halud>Shai-Halud
-
Supply Chain Attack >>Shai-Halud<< Targets 477 NPM Packages
A major supply chain attack dubbed >>Shai-Halud>Shai-Halud
-
Rayhunter: EFF releases open-source tool to detect cellular spying
The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/17/rayhunter-eff-open-source-tool-detect-cellular-spying/
-
Warning: Hackers have inserted credential-stealing code into some npm libraries
Tags: api, attack, authentication, ciso, cloud, credentials, github, google, hacker, Hardware, incident response, malware, mfa, monitoring, open-source, phishing, sans, software, supply-chain, threatMore than 40 packages affected: One of the researchers who found and flagged the hack Monday was French developer François Best, and it was also described in blogs from StepSecurity, Socket, ReversingLabs and Ox Security. These blogs contain a full list of compromised packages and indicators of compromise.Researchers at Israel-based Ox Security said there was a…
-
Self-Replicating ‘Shai-hulud’ Worm Targets NPM Packages
The newly emerged worm has spread across hundreds of open source software packages, stealing credentials and infecting other components without much direct attacker input. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/self-replicating-shai-hulud-worm-npm-packages
-
Open Source CyberSOCEval Sets New Benchmark for AI in Malware Analysis and Threat Intelligence
Open Source CyberSOCEval, a newly launched evaluation platform, is making waves in the cybersecurity community by demonstrating how artificial intelligence can transform malware analysis and threat intelligence. Developed by a group of independent security researchers, CyberSOCEval combines advanced machine learning models with real-world malware samples to offer organizations a clear view of how AI tools…
-
DjangoCon US 2025: Security, Simplicity, and Community
Tags: open-sourceAt DjangoCon US 2025, speakers emphasized seasoned tech over hype, featuring secure GitOps workflows, simpler frontend alternatives, and sustainable open-source models. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/djangocon-us-2025-security-simplicity-and-community/
-
New ransomware Yurei adopts open-source tools for double-extortion campaigns
Tags: access, attack, authentication, backup, breach, ciso, cloud, control, data, edr, extortion, flaw, intelligence, Internet, mfa, network, open-source, phishing, powershell, ransomware, resilience, risk, service, switch, threat, tool, windowsBigger risks beyond downtime: The double-extortion ransomware appears to be an early version, as it has loopholes. Ransomware often targets and deletes shadow copies to block victims from using Windows’ built-in recovery options. But Yurei did not delete the shadow copies, which, if enabled, can allow the victim to restore their files to a previous…
-
CVE-2025-58434: Critical FlowiseAI Flaw Enables Full Account Takeover
A severe security vulnerability has been discovered in FlowiseAI, an open-source AI workflow automation tool, exposing users to the risk of complete account compromise. Tracked as CVE-2025-58434, this vulnerability affects both the cloud-hosted version of FlowiseAI and self-hosted deployments that expose the relevant API endpoints. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cve-2025-58434/
-
Arkime: Open-source network analysis and packet capture system
Arkime is an open-source system for large-scale network analysis and packet capture. It works with your existing security tools to store and index network traffic in standard … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/15/arkime-open-source-network-analysis-packet-capture-system/
-
Yurei Ransomware Uses PowerShell to Deploy ChaCha20 File Encryption
A newly discovered ransomware group called Yurei has emerged with sophisticated encryption capabilities, targeting organizations through double-extortion tactics while leveraging open-source code to rapidly scale operations. First observed on September 5, 2025, this Go-based ransomware employs the ChaCha20 encryption algorithm and PowerShell commands to compromise victim systems, marking another evolution in the ransomware-as-a-service ecosystem. Flow…