Tag: open-source
-
Nearly 3 out of 4 Oracle Java users say they’ve been audited in the past 3 years
Big Red’s changes to Java licensing also inspire exodus to open source First seen on theregister.com Jump to article: www.theregister.com/2025/07/15/oracle_java_users_audited/
-
Google AI “Big Sleep” Stops Exploitation of Critical SQLite Vulnerability Before Hackers Act
Google on Tuesday revealed that its large language model (LLM)-assisted vulnerability discovery framework discovered a security flaw in the SQLite open-source database engine before it could have been exploited in the wild.The vulnerability, tracked as CVE-2025-6965 (CVSS score: 7.2), is a memory corruption flaw affecting all versions prior to 3.50.2. It was discovered by Big…
-
Falco: Open-source cloud-native runtime security tool for Linux
Falco is an open-source runtime security tool for Linux systems, built for cloud-native environments. It monitors the system in real time to spot unusual activity and possible … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/16/falco-open-source-cloud-native-runtime-linux-security-tool/
-
AsyncRAT Spawns Concerning Labyrinth of Forks
Since surfacing on GitHub in 2019, AsyncRAT has become a poster child for how open source malware can democratize cybercrime, with a mazelike footprint of variants available across the spectrum of functionality. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/async-rat-labyrinth-forks
-
AsyncRAT seeds family of more than 30 remote access trojans
ESET researchers observed tens of thousands of machines infected with AsyncRAT and its variants over the past year. The open-source malware is a popular tool among cybercriminals. First seen on cyberscoop.com Jump to article: cyberscoop.com/asyncrat-malware-variants-eset/
-
AsyncRAT’s Open-Source Code Sparks Surge in Dangerous Malware Variants Across the Globe
Cybersecurity researchers have charted the evolution of a widely used remote access trojan called AsyncRAT, which was first released on GitHub in January 2019 and has since served as the foundation for several other variants.”AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a…
-
Wegen KI-Schrott: Curl-Entwickler erwägt Ende der Bug-Bounty-Prämien
Minderwertige Bug-Reports belasten Open-Source-Entwickler immer stärker. Curl-Maintainer Daniel Stenberg zieht nun radikale Maßnahmen in Erwägung. First seen on golem.de Jump to article: www.golem.de/news/wegen-ki-schrott-curl-entwickler-erwaegt-ende-der-bug-bounty-praemien-2507-198123.html
-
AsyncRAT evolves as ESET tracks its most popular malware forks
AsyncRAT is an open-source remote access trojan that first appeared on GitHub in 2019. It includes a range of typical RAT capabilities, such as keylogging, screen capture, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/15/asyncrat-forks-eset-research/
-
North Korean Hackers Flood npm Registry with XORIndex Malware in Ongoing Attack Campaign
The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing another set of 67 malicious packages to the npm registry, underscoring ongoing attempts to poison the open-source ecosystem via software supply chain attacks.The packages, per Socket, have attracted more than 17,000 downloads, and incorporate a previously undocumented version of a…
-
Putting AI-assisted ‘vibe hacking’ to the test
Tags: access, ai, attack, chatgpt, cyber, cybercrime, cybersecurity, data-breach, defense, exploit, hacking, least-privilege, LLM, network, open-source, strategy, threat, tool, vulnerability, zero-trustUnderwhelming results: For each LLM test, the researchers repeated each task prompt five times to account for variability in responses. For exploit development tasks, models that failed the first task were not allowed to progress to the second, more complex one. The team tested 16 open-source models from Hugging Face that claimed to have been…
-
pqcscan: Open-source post-quantum cryptography scanner
pqcscan is an open-source tool that lets users scan SSH and TLS servers to see which Post-Quantum Cryptography (PQC) algorithms they claim to support. It saves the results in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/14/pqcscan-open-source-post-quantum-cryptography-scanner/
-
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 53
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Datacarry Ransomware DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal Batavia spyware steals data from Russian organizations Taking SHELLTER: a commercial evasion framework abused in- the- wild Open Source Malware Index Q2 2025: Data exfiltration remains…
-
GerriScary: Supply-Chain-Schwachstelle in Google OSS-Review-System
Sicherheitsforscher von Tenable haben eine GerriScary genannte Schwachstelle im Open-Source-Code-Review-System Gerrit von Google entdeckt. Die Schwachstelle ermöglichte das Einschleusen von Schadcode in mindestens 18 zentrale Google Projekte, darunter ChromiumOS (CVE-2025-1568), Chromium, Dart und Bazel. Über GerriScary hätten Angreifer bestehende Change … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/13/gerriscary-supply-chain-schwachstelle-in-google-oss-review-system/
-
Help For Stretching Cyber Resources in Healthcare
Rural hospitals and small medical practices must be creative and open-minded in when it comes locking down their digital footprint, said Jim Roeder, vice president of IT at Lakewood Health System. There’s help from the private- and public-sectors and open source tools. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/interviews/help-for-stretching-cyber-resources-in-healthcare-i-5486
-
Weaponized AI Extension Used by Hackers to Swipe $500,000 in Crypto
Tags: ai, attack, blockchain, crypto, cyber, cyberattack, cybersecurity, hacker, malicious, open-source, russia, toolA Russian blockchain engineer lost over $500,000 in cryptocurrency holdings in June 2025 after being the victim of a carefully planned cyberattack, serving as a terrifying reminder of the perils that might exist in open-source ecosystems. The attack, investigated by cybersecurity experts, revealed the use of a malicious extension disguised as a legitimate tool for…
-
Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads
Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that could result in the execution of arbitrary operating system (OS) commands.The vulnerability, tracked as CVE-2025-6514, carries a CVSS score of 9.6 out of 10.0.”The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it First seen…
-
Hackers Exploit GeoServer RCE Flaw to Deploy Cryptocurrency Miners
Tags: attack, crypto, cve, cyber, data, exploit, flaw, hacker, intelligence, open-source, rce, remote-code-execution, threat, vulnerabilityThe AhnLab Security Intelligence Center (ASEC) has confirmed that unpatched GeoServer instances are still facing relentless attacks by threat actors exploiting a critical Remote Code Execution (RCE) vulnerability, identified as CVE-2024-36401. GeoServer, an open-source Geographic Information System (GIS) server developed in Java for spatial data processing, became a prime target after the vulnerability was disclosed…
-
MCP is fueling agentic AI, and introducing new security risks
Tags: access, ai, api, attack, authentication, best-practice, ceo, cloud, corporate, cybersecurity, gartner, injection, LLM, malicious, monitoring, network, office, open-source, penetration-testing, RedTeam, risk, service, supply-chain, technology, threat, tool, vulnerabilityMitigating MCP server risks: When it comes to using MCP servers there’s a big difference between developers using it for personal productivity and enterprises putting them into production use cases.Derek Ashmore, application transformation principal at Asperitas Consulting, suggests that corporate customers don’t rush on MCP adoption until the technology is safer and more of the…
-
Open source has a malware problem, and it’s getting worse
Sonatype has published its Q2 2025 Open Source Malware Index, identifying 16,279 malicious open source packages across major ecosystems such as npm and PyPI. This brings the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/10/open-source-malware-trends-2025/
-
New AI Malware PoC Reliably Evades Microsoft Defender
Worried about hackers employing LLMs to write powerful malware? Using targeted reinforcement learning (RL) to train open source models in specific tasks has yielded the capability to do just that. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/ai-malware-poc-evades-microsoft-defender
-
Kanvas: Open-source incident response case management tool
Kanvas is an open-source incident response case management tool with a simple desktop interface, built in Python. It gives investigators a place to work with SOD (Spreadsheet … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/09/kanvas-open-source-incident-response-case-management-tool/
-
Supply Chain Attack Unleashed via Compromised VS Code Extension
Tags: attack, blockchain, crypto, cyber, github, malicious, open-source, software, supply-chain, threat, toolA sophisticated supply chain attack targeting cryptocurrency developers through the compromise of ETHcode, a legitimate Visual Studio Code extension with nearly 6,000 installations. The attack, executed through a malicious GitHub pull request, demonstrates how threat actors can weaponize trusted development tools using minimal code changes, raising serious concerns about open-source software security in the blockchain…
-
Malicious Open Source Packages Spike 188% YoY
Data exfiltration was the most common malware in Sonatype report, with more than 4,400 packages designed to steal secrets, personally identifiable information, credentials, and API tokens. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/malicious-open-source-packages-spike
-
Malicious Open Source Packages Surge 188% Annually
Sonatype’s latest Open Source Malware Index report has identified more than 16,000 malicious open source packages, representing a 188% annual increase First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/malicious-open-source-surge-188/
-
Bewährtes Open-Source-Tool kombiniert Spiegelung mit inkrementeller Sicherung – Wie rdiff-backup Daten effizient und sicher sichert
First seen on security-insider.de Jump to article: www.security-insider.de/wie-rdiff-backup-daten-effizient-und-sicher-sichert-a-0168b318bb31514b40b2d1dcc3e4fa43/
-
DNN Vulnerability Exposes NTLM Credentials via Unicode Normalization Bypass
Security researchers have discovered a critical vulnerability in DNN (formerly DotNetNuke), one of the oldest open-source content management systems, that allows attackers to steal NTLM credentials through a sophisticated Unicode normalization bypass technique. The vulnerability, tracked as CVE-2025-52488, affects the widely-used enterprise CMS platform and demonstrates how defensive coding measures can be circumvented through carefully…
-
CISA Alerts on Active Exploitation of PHPMailer Command Injection Flaw
Tags: cisa, cyber, cybersecurity, email, exploit, flaw, infrastructure, injection, open-source, threat, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding the active exploitation of a long-standing vulnerability in PHPMailer, a widely used open-source email-sending library for PHP applications. The flaw, tracked as CVE-2016-10033, poses a significant threat to organizations relying on PHPMailer for email functionality within their web applications. Vulnerability Overview The PHPMailer…
-
NightEagle hackers exploit Microsoft Exchange flaw to spy on China’s strategic sectors
Attackers pursued stealthy persistence: Following successful exploitation of the zero-day, attackers deploy a modified Go-based version of Chisel, an open-source SOCKS tunneling tool, scheduling it to run every four hours and establish covert tunnels to their C2 servers.This allowed them to move in and out of the network whenever they wanted, enabling persistence for over…
-
Aegis Authenticator: Free, open-source 2FA app for Android
Aegis Authenticator is an open-source 2FA app for Android that helps you manage login codes for your online accounts. The app features strong encryption and the ability to … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/07/aegis-2fa-authenticator-free-open-source-android/