Tag: open-source
-
Malus.sh: KI-Tool befreit Open-Source-Programme von Lizenzen
Das KI-Tool Malus erstellt Clean-Room-Klone von Open-Source-Software und beruft sich auf ein US-Urheberrechtsgesetz aus dem Jahr 1879. First seen on golem.de Jump to article: www.golem.de/news/malus-sh-ki-tool-befreit-open-source-programme-von-lizenzen-2604-207922.html
-
Experte für Threat-Management Filigran startet in Deutschland
Filigran, das europäische Unternehmen für Threat-Management, bringt seine Open-Source-basierten Lösungen für Bedrohungsinformationen, -management und die Überprüfung von Sicherheitslücken auf den DACH-Markt. Mit dem neu gegründeten deutschen Team erhalten Unternehmen und Behörden in der Region erstmals lokale Ansprechpartner für eine Technologie, die weltweit bereits von mehr als 6.000 Organisationen eingesetzt wird. Anders als klassische Threat-Intelligence-Anbieter, die…
-
Filigran kommt nach Deutschland und bringt frischen Schwung ins Threat Management
Filigran bietet einen Open Source basierten, KI-gestützten und auf Bedrohungsdaten gestützten Ansatz für das Continuous Threat Exposure Management (CTEM). First seen on infopoint-security.de Jump to article: www.infopoint-security.de/filigran-kommt-nach-deutschland-und-bringt-frischen-schwung-ins-threat-management/a44735/
-
Attackers Exploit LMDeploy Flaw in the Wild Within 12 Hours of Advisory
A critical Server-Side Request Forgery (SSRF) vulnerability in LMDeploy’s vision-language module was exploited in active attacks just 12 hours and 31 minutes after its public disclosure, with no proof-of-concept code required. On April 21, 2026, GitHub published security advisory GHSA-6w67-hwm5-92mq, later assigned CVE-2026-33626, a high-severity SSRF flaw (CVSS 7.5) in LMDeploy, an open-source toolkit developed by Shanghai…
-
Curl-Entwickler über KI: Open-Source-Projekte versinken im High-Quality-Chaos
Curl-Entwickler Stenberg äußert sich erneut zu KI-generierten Bug-Reports. Von KI-Schrott ist nun keine Rede mehr. Doch es droht eine gefährliche Zeit. First seen on golem.de Jump to article: www.golem.de/news/curl-entwickler-ueber-ki-open-source-projekte-versinken-im-high-quality-chaos-2604-207901.html
-
Scenario: Open-source framework for automated AI app red-teaming
Enterprises running customer service bots, data analytics agents, and other AI-driven applications in production handle sensitive records and connect to core business systems … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/23/scenario-open-source-framework-for-automated-ai-app-red-teaming/
-
CNAPP ein Kaufratgeber
Tags: access, ai, application-security, attack, authentication, cloud, container, detection, edr, encryption, framework, group, ibm, infrastructure, intelligence, kubernetes, linux, ml, monitoring, network, open-source, risk-management, saas, soar, software, supply-chain, threat, tool, vmwareCloud Security bleibt ein diffiziles Thema und die Tools, mit denen sie sich gewährleisten lässt, werden zunehmend komplexer und schwieriger zu durchschauen auch dank der ungebrochenen Liebe der Branche zu Akronymen. Mit CNAPP kommt nun ein weiteres hinzu. Die Abkürzung steht für Cloud-Native Application Protection Platform und kombiniert die Funktionen von vier separaten Cloud-Security-Werkzeugen: Cloud…
-
Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener
IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample uncovered a campaign leveraging a multi-stage attack chain where a trojanized SumatraPDF reader deploys an AdaptixC2 Beacon agent, ultimately leading to the download and abuse of Visual Studio (VS) Code tunnels for…
-
Riddled with flaws, serialEthernet converters endanger critical infrastructure
Tags: access, authentication, control, credentials, data, data-breach, exploit, firmware, flaw, infrastructure, malicious, network, open-source, password, rce, remote-code-execution, risk, service, threat, update, vulnerabilityNew RCE and other vulnerabilities: Aside from all the known vulnerabilities from open-source components, the Forescout researchers also performed manual security analysis and identified previously unknown flaws in the firmware of three specific devices from two vendors: Lantronix EDS3000PS Series, Lantronix EDS5000 Series, and Silex SD330-AC.The web-based management interface of the Lantronix EDS5000 had five…
-
Riddled with flaws, serialEthernet converters endanger critical infrastructure
Tags: access, authentication, control, credentials, data, data-breach, exploit, firmware, flaw, infrastructure, malicious, network, open-source, password, rce, remote-code-execution, risk, service, threat, update, vulnerabilityNew RCE and other vulnerabilities: Aside from all the known vulnerabilities from open-source components, the Forescout researchers also performed manual security analysis and identified previously unknown flaws in the firmware of three specific devices from two vendors: Lantronix EDS3000PS Series, Lantronix EDS5000 Series, and Silex SD330-AC.The web-based management interface of the Lantronix EDS5000 had five…
-
Malicious pgserve, automagik developer tools found in npm registry
Advice to victimized developers: Developers who have downloaded the malicious versions of pgserver and automagik need to act fast, says Tanya Janca, head of Canadian secure coding consultancy SheHacksPurple.”Rotate every credential you can think of, right now, before you do anything else,” she said. “Then harden your CI/CD network egress controls so your build runners…
-
Supply Chain Attacks Are Getting Worse”, How to Shrink Your Exposure
<div cla In March 2026, Trivy, one of the most widely used open-source vulnerability scanners in the Kubernetes ecosystem, was weaponized against the very organizations that relied on it for security. Attackers compromised the Aqua Security repository, force-pushed malicious binaries, and poisoned 75 of 76 version tags in the process. Any pipeline that pulled trivy:latest…
-
DDoS wave continues as Mastodon hit after Bluesky incident
Mastodon suffered a major DDoS attack shortly after a similar incident hit Bluesky. The outage was significant but resolved within a few hours. Mastodon was hit by a major DDoS attack just days after a similar disruption affected Bluesky. Mastodon is a free and open-source software platform for decentralized social networking with microblogging features similar…
-
109 Fake GitHub Repos Spread SmartLoader, StealC Malware
A coordinated malware operation is abusing fake GitHub repositories to distribute a LuaJIT-based loader, SmartLoader, and a follow-on StealC infostealer, with at least 109 malicious repos active across 103 accounts. The campaign blends cloned open source code, obfuscated Lua stages, and blockchain-backed C2 resolution to evade detection and keep infrastructure agile. Instead of relying on…
-
PentAGI: Open-source autonomous AI penetration testing system
Penetration testers have long relied on collections of specialized tools, manual coordination, and documented runbooks to work through a target assessment. PentAGI, an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/22/pentagi-autonomous-ai-penetration-testing/
-
Apache Syncope RCE Vulnerability Detailed After Public Exploit Code Release
Tags: apache, cve, cvss, cyber, exploit, flaw, government, identity, open-source, rce, remote-code-execution, vulnerabilitySecurity researchers have released full technical details and a working proof-of-concept (PoC) exploit for CVE-2025-57738, a high-severity remote code execution (RCE) vulnerability in Apache Syncope, a widely deployed open-source identity management platform used across enterprise and government environments. Tracked as CVE-2025-57738 with a CVSS score of 7.2 (HIGH), the flaw exists in how Apache Syncope…
-
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility
Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its services for about 24 hours, starting on April 15. Bluesky is a decentralized, open-source microblogging social media platform similar to X (formerly Twitter). It allows users to post…
-
Bluesky hit by 24-hour DDoS attack as pro-Iran group claims responsibility
Bluesky suffered a 24-hour DDoS attack that caused outages. A pro-Iran hacker group claimed responsibility for the disruption. Bluesky experienced a sophisticated DDoS attack that disrupted its services for about 24 hours, starting on April 15. Bluesky is a decentralized, open-source microblogging social media platform similar to X (formerly Twitter). It allows users to post…
-
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
Tags: cve, cvss, exploit, injection, malicious, open-source, rce, remote-code-execution, vulnerabilityA critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems.The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of command injection leading to the execution of arbitrary code.SGLang is a high-performance,…
-
SmokedMeat: Open-source tool shows what attackers do inside CI/CD pipelines
Boost Security has released SmokedMeat, an open-source framework that runs attack chains against CI/CD infrastructure so engineering and security teams can see what an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/20/smokedmeat-ci-cd-pipeline-attacks/
-
QEMU Hijacked as Stealth Backdoor for Credential Theft, Ransomware
Attackers are increasingly abusing QEMU virtual machines to hide credential theft and ransomware staging inside “invisible” virtual environments, making detection and forensics significantly harder for defenders. QEMU is a legitimate open-source emulator and virtualizer that allows running full operating systems as virtual machines on a host. Threat actors are weaponizing this capability by running their…
-
Product showcase: Syncthing for secure, private file synchronization
Syncthing is a free and open-source application that synchronizes files directly between your devices. Instead of uploading data to a central server, it uses a peer-to-peer … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/20/product-showcase-syncthing-private-file-synchronization-app/
-
Wie Hacker QEMU als Schutzschild für Ransomware missbrauchen
Hacker haben eine Methode perfektioniert, um unter dem Radar moderner Sicherheitssoftware zu fliegen. Durch den Missbrauch des Open-Source-Emulators QEMU verstecken sie komplette Angriffsszenarien als Ransomware in virtuellen Maschinen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/hacker-qemu-ransomware-missbrauchen
-
Hidden VMs: how hackers leverage QEMU to stealthily steal data and spread malware
Tags: control, data, detection, endpoint, hacker, malicious, malware, open-source, ransomware, sophosAttackers abuse QEMU to hide malware in virtual machines, bypass detection, steal data, and deploy ransomware without leaving any trace. Sophos researchers report a rise in attackers abusing QEMU, an open-source emulator, to hide malicious activity inside virtual machines. By running malware in a VM, attackers avoid endpoint security controls and leave minimal traces on…
-
Ukraine confirms suspected APT28 campaign targeting prosecutors, anti-corruption agencies
The intrusions exploited vulnerabilities in the open-source Roundcube webmail platform that allow attackers to execute malicious code when a victim simply opens an email in their inbox. First seen on therecord.media Jump to article: therecord.media/ukraine-confirms-suspected-apt28-campaign-targeting-prosecutors
-
SEO Poisoning Attack Uses Microsoft Binary to Install RMM Tool
New research has exposed a search engine poisoning campaign that delivers a trojanized TestDisk installer, abuses a Microsoft-signed binary for DLL sideloading, and silently deploys the ScreenConnect remote monitoring and management (RMM) client for hands-on keyboard access. The rogue domain copies the branding of the real open-source data recovery tool, presenting itself as “The Ultimate…
-
Thunderbolt: Mozilla veröffentlicht Open-Source-KI-Client
Mit der Integration in Haystack des deutschen Unternehmens Deepset will Mozilla eine Alternative zu großen KI-Enterprise-Produkten bieten. First seen on golem.de Jump to article: www.golem.de/news/thunderbolt-mozilla-veroeffentlicht-open-source-ki-client-2604-207695.html
-
Critical nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover
A critical vulnerability identified as CVE-2026-33032 is drawing urgent attention from the cybersecurity community due to its role in enabling a full-scale Nginx server takeover. The flaw affects nginx-ui, a widely used open-source web interface designed to simplify the management of Nginx servers. Since its disclosure, evidence has confirmed that attackers are already exploiting the issue in real-world scenarios.…
-
Mozilla challenges enterprise AI providers with Thunderbolt, open-source AI client under your control
For organizations that want to keep company data within their own systems and have more control over how AI is deployed, Mozilla is offering an alternative to externally … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/17/mozilla-thunderbolt-open-source-ai-client-enterprise-data-control/
-
Tails 7.6.2 patches vulnerability that could expose saved files
The Tails Project released Tails v7.6.2, an emergency release of the popular open source secure portable operating system. What is Tails? Tails, which is based on Debian … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/16/tails-vulnerability-expose-saved-files/