Tag: open-source
-
Fortinet FortiGate Devices Targeted by CyberStrikeAI, Allowing Hackers to Bypass Security
Threat intelligence researchers at Team Cymru have uncovered an open-source AI-powered offensive security tool called CyberStrikeAI, actively used to target Fortinet FortiGate devices at scale, with its developer carrying suspected ties to China’s Ministry of State Security (MSS). CyberStrikeAI is an AI-native security testing platform written in Go, developed by a GitHub user named Ed1s0nZ.…
-
Android devices hit by exploited Qualcomm flaw CVE-2026-21385
Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. Google has confirmed that CVE-2026-21385 (CVSS score of 7.8), a high-severity vulnerability affecting an open-source Qualcomm component used in Android devices, has been actively exploited. “There are indications that CVE-2026-21385 may be under limited, targeted exploitation,” reads Google's advisory. The flaw is…
-
New ‘StegaBin’ Campaign Deploys Multi-Stage Credential Stealer via 26 Malicious npm Packages
Tags: access, attack, credentials, crypto, cyber, malicious, north-korea, open-source, supply-chain, threat
A new supply-chain attack dubbed StegaBin is targeting JavaScript developers through 26 malicious npm packages that appear to be popular open-source libraries but secretly deploy a multi-stage credential-stealing toolkit and a Remote Access Trojan (RAT). The campaign is linked to the North Korean-aligned FAMOUS CHOLLIMA threat actor, known from previous “Contagious Interview” operations against cryptocurrency…
-
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 (CVSS score: 7.8), a buffer over-read in the Graphics component. “Memory corruption when adding user-supplied data without checking available buffer space,” Qualcomm said in an advisory, First…
-
Hackerbot-Claw Bot Exploits GitHub Actions CI/CD Flaw to Attack Microsoft and DataDog
Tags: ai, attack, automation, cyber, exploit, flaw, github, microsoft, open-source, remote-code-execution
Hackerbot-claw, an autonomous AI bot, has launched a week-long campaign abusing GitHub Actions misconfigurations to hit CI/CD pipelines at Microsoft, DataDog, and other major open-source projects, achieving remote code execution (RCE) and even full repo compromise in some cases. The attacks highlight how unsafe pull_request_target workflows and shell interpolation bugs can turn routine automation into…
-
Cyberattackers Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Coding Tools
Threat actors compromised the Aqua Trivy VS Code extension on OpenVSX by publishing malicious versions 1.8.12 and 1.8.13 on February 27-28, 2026. These versions injected prompts to hijack local AI coding tools for system reconnaissance and data exfiltration. Aqua Trivy is a popular open-source vulnerability scanner with a VS Code extension, hosted on OpenVSX under…
-
CyberStrikeAI tool adopted by hackers for AI-powered attacks
Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet FortiGate firewalls. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks/
-
SANDWORM_MODE: The Rise of Adaptive Supply Chain Worms
Earlier this year, we asked our team where they expect open source cyberattacks to go next. Sonatype Principal Security Researcher Garrett Calpouzos shared his thoughts about how he anticipated attackers won’t simply use automation, but also abuse victims’ AI tools: First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/sandworm_mode-the-rise-of-adaptive-supply-chain-worms/
-
SANDWORM_MODE: The Rise of Adaptive Supply Chain Worms
Earlier this year, we asked our team where they expect open source cyberattacks to go next. Sonatype Principal Security Researcher Garrett Calpouzos shared his thoughts about how he anticipated attackers won’t simply use automation, but also abuse victims’ AI tools: First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/sandworm_mode-the-rise-of-adaptive-supply-chain-worms-2/
-
North Korean Hackers Target Developers Through npm Packages
Open-source ecosystems power modern software development. Millions of developers rely on public repositories to accelerate innovation and reduce development time. That trust, however, is increasingly being weaponized. New reporting from The Hacker News reveals that North Korean threat actors have published 26 malicious packages to the npm registry in an attempt to compromise developer environments…
-
NDSS 2025 SHAFT: Secure, Handy, Accurate And Fast Transformer Inference
Authors, Creators & Presenters: (All Via The Chinese University of Hong Kong) Andes Y. L. Kei, Sherman S. M. Chow PAPER SHAFT: Secure, Handy, Accurate and Fast Transformer Inference Adoption of transformer-based machine learning models is growing, raising concerns about sensitive data exposure. Nonetheless, current secure inference solutions incur substantial overhead due to their extensive…
-
BlacksmithAI: Open-source AI-powered penetration testing framework
BlacksmithAI is an open-source penetration testing framework that uses multiple AI agents to execute different stages of a security assessment lifecycle. A multi-agent … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/02/blacksmithai-open-source-ai-powered-penetration-testing-framework/
-
CVE-2025-64328 exploitation impacts 900 Sangoma FreePBX instances
About 900 Sangoma FreePBX systems were infected with web shells after attackers exploited a command injection flaw. Hundreds of Sangoma FreePBX instances are still infected with web shells following attacks that began in December 2025. Sangoma FreePBX is an open-source, web-based platform for managing Asterisk-powered VoIP phone systems. Maintained by Sangoma Technologies, it allows businesses…
-
NDSS 2025 Enhancing Security In Third-Party Library Reuse
Tags: conference, detection, Internet, network, open-source, programming, software, tool, update, vulnerability
Session 14A: Software Security: Applications & Policies Authors, Creators & Presenters: Shangzhi Xu (The University of New South Wales), Jialiang Dong (The University of New South Wales), Weiting Cai (Delft University of Technology), Juanru Li (Feiyu Tech), Arash Shaghaghi (The University of New South Wales), Nan Sun (The University of New South Wales), Siqi Ma…
-
IronCurtain: An open-source, safeguard layer for autonomous AI assistants
Veteran security engineer Niels Provos is working on a new technical approach designed to stop autonomous AI agents from taking actions you haven’t specifically authorized. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/27/ironcurtain-open-source-ai-agent-security/
-
Log4j at Its Limit: AI Junk Paralyzes Open-Source Project
Masses of AI-generated bug reports are slowing the development of open-source tools such as Log4j. A developer is sounding the alarm and wants to see solutions. First seen on golem.de Jump to article: www.golem.de/news/log4j-am-limit-ki-schrott-laehmt-open-source-projekt-2602-205903.html
-
Malicious Go Crypto Module Steals Passwords, Deploys Rekoobe Backdoor in Developer Environments
Malicious actors are abusing Go’s open-source ecosystem by deploying a backdoored crypto module that steals passwords and installs a Rekoobe Linux backdoor on developer and CI environments. The package imitates Go’s trusted cryptography library to quietly turn ordinary password prompts into a full compromise chain. On pkg.go.dev it appears as a normal cryptography library with…
-
OpenClaw Vulnerability Exposes How an Open-Source AI Agent Can Be Hijacked
When the open-source AI agent for OpenClaw burst onto the scene, it did so with astonishing speed. In just five days, the project surpassed 100,000 stars on GitHub, becoming one of the fastest-growing open-source AI tools in history. Developers quickly embraced it as a personal assistant that could run locally, plug into calendars and messaging platforms, execute…
-
OpenClaw Insights: A CISO’s Guide to Safe Autonomous Agents FireTail Blog
Tags: access, ai, api, breach, ciso, compliance, control, data, data-breach, detection, endpoint, finance, firewall, framework, governance, guide, LLM, network, open-source, risk, risk-management, software, strategy, technology, tool, vulnerability
Feb 27, 2026 – Alan Fagan – The “OpenClaw” crisis has board members asking, “Could this happen to us?” The answer isn’t to ban AI agents. It’s to govern them. By now, the dust is settling on the OpenClaw (aka MoltBot) incident. The technical post-mortems (including our own) have been written, the exposed ports have…
-
This AI Agent Is Designed to Not Go Rogue
The new open source project IronCurtain uses a unique method to secure and constrain AI assistant agents before they flip your digital life upside down. First seen on wired.com Jump to article: www.wired.com/story/ironcurtain-ai-agent-security/
-
ServiceNow AVR + Contrast Security: Better together
Struggling with application vulnerability management? Managing remediation of application vulnerabilities to limit risk can be challenging. Organizations may have hundreds or thousands of applications to secure with thousands of interlocking components, such as third-party libraries and open-source code. This distributed architecture expands the attack surface, making it hard to monitor and secure. On…
-
AI-Driven Development Fuels Surge in Open Source Vulnerabilities, Black Duck Finds
A sharp rise in AI-assisted software development is driving unprecedented increases in open source security and licensing risk, according to new research from Black Duck. The company’s 2026 Open Source Security and Risk Analysis (OSSRA) report reveals that vulnerabilities in commercial software codebases have more than doubled year-on-year, highlighting growing concerns that organisations are producing…
-
Open-source security debt grows across commercial software
Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/26/open-source-vulnerability-surge-risk-analysis/
-
VirtualBox – 7 Zero-Day Vulnerabilities in Oracle's Open-Source Solution
First seen on security-insider.de Jump to article: www.security-insider.de/oracle-virtualbox-zero-day-sicherheitsluecken-a-eb3c07e756b4939344dad321a4eec6a5/
-
Hottest cybersecurity open-source tools of the month: February 2026
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Pompelmi: … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/26/hottest-cybersecurity-open-source-tools-of-the-month-february-2026/
-
The OpenClaw Hype: Analysis of Chatter from Open-Source Deep and Dark Web
OpenClaw has sparked heavy Telegram and dark web chatter, but Flare’s data shows more research hype than mass exploitation. Flare explains how its telemetry found real supply-chain risk in the skills marketplace, yet limited signs of large-scale criminal operationalization. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-openclaw-hype-analysis-of-chatter-from-open-source-deep-and-dark-web/
-
Digital Infrastructure Sovereignty – European and Modern Open-Source IT Solutions
First seen on security-insider.de Jump to article: www.security-insider.de/europaeische-und-moderne-open-source-it-loesungen-a-c8e26b4dbe0134834d7b4b3bc08d3d76/
-
Microsoft adds domain libraries and Copilot integration to the quantum development kit
The Microsoft Quantum Development Kit (QDK) is an open-source toolkit that runs on laptops and in common development environments. It includes code, simulators, libraries, and … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/25/microsoft-quantum-development-kit-qdk/
-
The rise of the evasive adversary
Tags: access, ai, attack, authentication, breach, china, cloud, credentials, crime, crowdstrike, crypto, data, defense, endpoint, exploit, finance, firewall, group, identity, infrastructure, intelligence, korea, lazarus, leak, mail, malicious, malware, microsoft, monitoring, network, north-korea, open-source, phishing, ransomware, remote-code-execution, russia, saas, service, software, strategy, supply-chain, tactics, theft, threat, tool, update, vpn, vulnerability, windows, zero-day
Big game hunters tighten their grip: CrowdStrike’s research highlights how big game hunting (BGH) ransomware actors have remained the dominant force in the eCrime landscape. Punk Spider, a group responsible for developing and maintaining Russian-language Akira ransomware, and its associated Akira dedicated leak site, conducted 198 intrusions in 2025, a 134% increase year over year. Victim-shaming operations…

