Tag: open-source
-
Flaw in AI Libraries Exposes Models to Remote Code Execution
3 Major Tech Firms Shipped Vulnerable Open-Source Tools to Hugging Face. Researchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by models with tens of millions of Hugging Face downloads, allowing attackers to hide malicious code in model metadata. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/flaw-in-ai-libraries-exposes-models-to-remote-code-execution-a-30519
-
CISO Assistant: Open-source cybersecurity management and GRC
CISO Assistant is an open-source governance, risk, and compliance (GRC) platform designed to help security teams document risks, controls, and framework alignment in a … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/14/ciso-assistant-open-source-cybersecurity-management-grc/
-
Product showcase: Orbot Tor VPN for iOS
Orbot for iOS is a free, open-source networking tool that routes supported app traffic through the Tor network. Developed by the Guardian Project, it is intended for users who … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/14/product-showcase-orbot-tor-ios/
-
AuraInspector: Open-Source Misconfiguration Detection for Salesforce Aura
Mandiant has released AuraInspector, an open-source command-line tool designed to help security teams identify and audit access control misconfigurations within the Salesforce Aura framework that could expose sensitive data, including credit card numbers, identity documents, and health information. The tool addresses a critical gap in Salesforce Experience Cloud security, where complex sharing rules and multi-level…
-
Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware
Security experts have disclosed details of an active malware campaign that’s exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass security controls and deliver a wide range of commodity trojans and stealers.”Attackers achieve evasion by pairing a malicious libcares-2.dll with any signed version of the legitimate ahost.exe…
-
Popular Python libraries used in Hugging Face models subject to poisoned metadata attack
The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group First seen on theregister.com Jump to article: www.theregister.com/2026/01/13/ai_python_library_bugs_allow/
-
Attackers Abuse Python, Cloudflare to Deliver AsyncRAT
The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade detection and gain trust. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/attackers-abuse-python-cloudflare-deliver-asyncrat
-
AI Supply Chain Risk: Will CIOs Be Held Accountable?
Growing Third-Party Breach Trend Is Spreading to AI Suppliers IT organizations have built processes for reducing vendor risk, but in the AI era, that operating model is being dismantled. Modern AI environments are built on dynamic external foundational models, countless APIs, open-source components and continuous data pipelines that pose risks. First seen on govinfosecurity.com Jump…
-
AuraInspector: Open-source tool to audit Salesforce Aura access control misconfigurations
Google and its Mandiant threat intelligence unit have released AuraInspector, an open-source tool aimed at auditing data access paths in Salesforce Experience Cloud … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/13/aurainspector-open-source-tool-salesforce-aura/
-
Mandiant open sources tool to prevent leaky Salesforce misconfigs
AuraInspector automates the most common abuses and generates fixes for customers First seen on theregister.com Jump to article: www.theregister.com/2026/01/13/mandiant_salesforce_tool/
-
U.S. CISA adds a flaw in Gogs to its Known Exploited Vulnerabilities catalog
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, kev, open-source, service, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw impacting Gogs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)addeda Gogspath traversal vulnerability, tracked as CVE-2025-8110 (CVSS Score of 8.7), to itsKnown Exploited Vulnerabilities (KEV) catalog. Gogs (Go Git Service) is a lightweight, open-source, self-hosted Git service written…
-
Critical vulnerability found in n8n workflow automation platform
The open-source platform is widely used across enterprise environments, leaving thousands of instances at risk. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-vulnerability-n8n-automation-platform/809360/
-
Brussels plots open source push to pry Europe off Big Tech
Tags: open-sourceCall for Evidence casts FOSS as a way to break US dependence First seen on theregister.com Jump to article: www.theregister.com/2026/01/11/eu_open_source_consultation/
-
pfSense: Open-source firewall and routing platform
Firewalls, VPN access, and traffic rules need steady attention, often with limited budgets and staff. In that context, the open source pfSense Community Edition (CE) continues … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/12/pfsense-open-source-firewall-routing-platform/
-
Use of XMRig Cryptominer by Threat Actors Expanding: Expel
Security researchers last year wrote about a surge in the use by threat actors of the legitimate XMRig cryptominer, and cybersecurity firm Expel is now outlining the widening number of malicious ways they’re deploying the open-source tool against corporate IT operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/use-of-xmrig-cryptominer-by-threat-actors-expanding-expel/
-
Ni8mare: Kritische n8n-Lücke bedroht 100.000 Server
Tags: access, api, bug, cloud, cve, cvss, cyberattack, google, open-source, rce, remote-code-execution, update, vulnerabilityn8n-Anwender sollten ihre Systeme dringend patchen. Forscher warnen vor einer schwerwiegenden Sicherheitslücke. Forscher des Security-Anbieters Cyera haben eine schwerwiegende Schwachstelle in der Workflow-Automatisierungsplattform n8n entdeckt. Sie ermöglicht es Angreifern, beliebigen Code auszuführen. Auf diese Weise könnten sie die vollständige Kontrolle über die betroffene Umgebung übernehmen, so die Experten. Laut Forschungsbericht sind davon 100.000 Server betroffen.…
-
Product showcase: TrackerControl lets Android users see who’s tracking them
TrackerControl is an open-source Android application designed to give users visibility into and control over the hidden data within mobile apps. Many apps routinely … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/09/product-showcase-trackercontrol-for-android/
-
Free Docker Hardened Images challenge Chainguard
Docker calls out Chainguard by making all its hardened container images available free, while Chainguard expands its support for open source security. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366636656/Free-Docker-Hardened-Images-challenge-Chainguard
-
Inside Vercel’s sleep-deprived race to contain React2Shell
Talha Tariq quickly found his company at the center of a fast-moving, high-stakes mitigation effort. The result: a bounty program, a cat-and-mouse patch fight, and a debate about open-source security coordination. First seen on cyberscoop.com Jump to article: cyberscoop.com/vercel-cto-security-react2shell-vulnerability/
-
The Myth of Linux Invincibility: Why Automated Patch Management is Key to Securing the Open Source Enterprise
Users and developers have hailed Linux as the operating system that >>just works,<< celebrating it for decades as a symbol of open source strength, speed, and security. Linux's architecture and permissions model have long helped maintain cybersecurity resilience, fostering a reputation for near-invincible security. However, without additional layers of security to protect enterprise environments beyond..…
-
The State of Trusted Open Source
Chainguard, the trusted source for open source, has a unique view into how modern organizations actually consume open source software and where they run into risk and operational burdens. Across a growing customer base and an extensive catalog of over 1800 container image projects, 148,000 versions, 290,000 images, and 100,000 language libraries, and almost half…
-
Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances
Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass and remote code execution.The list of vulnerabilities is as follows -CVE-2025-66209 (CVSS score: 10.0) – A command injection vulnerability in the database backup functionality allows any authenticated First seen on thehackernews.com Jump to…
-
Coolify Discloses 11 Critical Flaws Enabling Full Server Compromise on Self-Hosted Instances
Cybersecurity researchers have disclosed details of multiple critical-severity security flaws affecting Coolify, an open-source, self-hosting platform, that could result in authentication bypass and remote code execution.The list of vulnerabilities is as follows -CVE-2025-66209 (CVSS score: 10.0) – A command injection vulnerability in the database backup functionality allows any authenticated First seen on thehackernews.com Jump to…
-
StackRox: Open-source Kubernetes security platform
Security teams spend a lot of time stitching together checks across container images, running workloads, and deployment pipelines. The work often happens under time pressure, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/08/stackrox-kubernetes-security-platform-open-source/
-
Malicious NPM Packages Deliver NodeCordRAT
IntroductionZscaler ThreatLabz regularly monitors the npm database for suspicious packages. In November 2025, ThreatLabz identified three malicious packages: bitcoin-main-lib, bitcoin-lib-js, and bip40. The bitcoin-main-lib and bitcoin-lib-js packages execute a postinstall.cjs script during installation, which installs bip40, the package that contains the malicious payload. This final payload, named NodeCordRAT by ThreatLabz, is a remote access trojan (RAT) with data-stealing capabilities. It is also possible to download bip40…
-
Malicious NPM Packages Deliver NodeCordRAT
IntroductionZscaler ThreatLabz regularly monitors the npm database for suspicious packages. In November 2025, ThreatLabz identified three malicious packages: bitcoin-main-lib, bitcoin-lib-js, and bip40. The bitcoin-main-lib and bitcoin-lib-js packages execute a postinstall.cjs script during installation, which installs bip40, the package that contains the malicious payload. This final payload, named NodeCordRAT by ThreatLabz, is a remote access trojan (RAT) with data-stealing capabilities. It is also possible to download bip40…
-
n8n Warns of CVSS 10.0 RCE Vulnerability Affecting Self-Hosted and Cloud Versions
Tags: automation, cloud, cve, cvss, exploit, flaw, open-source, rce, remote-code-execution, vulnerabilityOpen-source workflow automation platform n8n has warned of a maximum-severity security flaw that, if successfully exploited, could result in authenticated remote code execution (RCE).The vulnerability, which has been assigned the CVE identifier CVE-2026-21877, is rated 10.0 on the CVSS scoring system.”Under certain conditions, an authenticated user may be able to cause untrusted code to be…
-
HackerOne ‘ghosted’ me for months over $8,500 bug bounty, says researcher
Long after CVEs issued and open source flaws fixed First seen on theregister.com Jump to article: www.theregister.com/2026/01/07/hackerone_ghosted_researcher/
-
New n8n Vulnerability Allows Attackers to Execute Arbitrary Commands
A critical vulnerability has been discovered in n8n, an open-source automation and workflow platform, that could allow authenticated users to execute arbitrary commands on vulnerable systems. The flaw, tracked as CVE-2025-68668, affects all n8n versions from 1.0.0 to 1.999.999 and has a CVSS score of 9.1, indicating severe risk. Attribute Details CVE ID CVE-2025-68668 Vulnerability…