Tag: open-source
-
Attackers Abuse Velociraptor Forensic Tool to Deploy Visual Studio Code for C2 Tunneling
Tags: attack, cyber, cybersecurity, endpoint, malicious, monitoring, open-source, software, threat, tool
Cybersecurity researchers have called attention to a cyber attack in which unknown threat actors deployed an open-source endpoint monitoring and digital forensic tool called Velociraptor, illustrating ongoing abuse of legitimate software for malicious purposes. “In this incident, the threat actor used the tool to download and execute Visual Studio Code with the likely intention of creating…
-
Experts warn of actively exploited FreePBX zero-day
Sangoma warns of an actively exploited FreePBX zero-day affecting systems with publicly exposed admin control panels. The Sangoma FreePBX Security Team addressed an actively exploited FreePBX zero-day vulnerability, tracked as CVE-2025-57819 (CVSS score of 10.0), impacting systems with an internet-facing administrator control panel (ACP). FreePBX is an open-source telephony software platform that provides a web-based graphical…
-
FreePBX Servers Targeted by Zero-Day Flaw, Emergency Patch Now Available
Tags: advisory, control, data-breach, exploit, flaw, open-source, service, update, vulnerability, zero-day
The Sangoma FreePBX Security Team has issued an advisory warning about an actively exploited FreePBX zero-day vulnerability that impacts systems with an administrator control panel (ACP) exposed to the public internet. FreePBX is an open-source private branch exchange (PBX) platform widely used by businesses, call centers, and service providers to manage voice communications. It’s built on…
-
Velociraptor forensic tool abused for ransomware attack
Criminals abused the open-source forensic tool Velociraptor for a ransomware attack. According to its own statements, however, the Sophos Counter Threat Unit (CTU) team was able to stop the attack in time, before major damage was done. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/velociraptor-ransomware-angriff
-
Attackers abuse forensic tool for ransomware attempt
The Sophos Counter Threat Unit (CTU) team has thwarted a cyberattack in which criminals abused Velociraptor, an otherwise legitimate open-source program for digital forensics. Instead of using it for security analysis as intended, the perpetrators used the tool to covertly gain access to a corporate network and download further malware. The goal was apparently a ransomware attack. This is how…
-
Sophos Counter Threat Unit thwarts cyberattack using forensic tool
The Sophos Counter Threat Unit™ (CTU) team has thwarted a cyberattack in which criminals abused the tool “Velociraptor”, an otherwise legitimate open-source program for digital forensics. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/sophos-counter-threat-unit-vereitelt-cyberangriff-mit-forensik-tool/a41834/
-
Dispute over digital sovereignty: exchange of blows between BSI chief and open source community
First seen on security-insider.de Jump to article: www.security-insider.de/bsi-praesidentin-plattner-digitale-souveraenitaet-kritik-a-a21ce446fbb2157ce5648a48b77a2d5e/
-
Anthropic detects the inevitable: genAI-only attacks, no humans involved
Tags: ai, attack, business, ciso, control, cybercrime, cybersecurity, defense, dns, infrastructure, injection, intelligence, malicious, malware, open-source, openai, RedTeam, threat, tool, warfare
not find. “There is potentially a lot of this activity we’re not seeing. Anthropic being open about their platform being used for malicious activities is significant, and OpenAI has recently shared the same as well. But will others open up about what is already likely happening?” Brunkard asked. “Or maybe they haven’t shared because they don’t…
-
Hottest cybersecurity open-source tools of the month: August 2025
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Buttercup: … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/27/hottest-cybersecurity-open-source-tools-of-the-month-august-2025/
-
Attackers steal data from Salesforce instances via compromised AI live chat tool
What Salesloft Drift users should do next: The GTIG report and the Salesloft advisories include indicators of compromise such as IP addresses used by the attackers and User-Agent strings for the tools they used to access the data. Mandiant advises companies to also search logs for any activity from known Tor exit nodes in addition…
-
New Sni5Gect Attack Crashes Phones and Downgrades 5G to 4G without Rogue Base Station
A team of academics has devised a novel attack that can be used to downgrade a 5G connection to a lower generation without relying on a rogue base station (gNB). The attack, per the ASSET (Automated Systems SEcuriTy) Research Group at the Singapore University of Technology and Design (SUTD), relies on a new open-source software toolkit…
-
BSI dual strategy for digital sovereignty
BSI President Claudia Plattner: “The more trustworthy products are available, the more sovereignly we can decide and the more secure the digital future becomes.” ECB
Enabling the secure use of digital products is, in the view of Claudia Plattner, President of the Federal Office for Information Security (BSI), a task for the state. “As Germany’s cybersecurity authority, it is our ambition that people and organizations not…
-
Happy Birthday Linux! 34 Years of Open-Source Power
August 25, 2025, marks the 34th anniversary of Linux, a project that began as a modest hobby and has grown into the bedrock of modern digital infrastructure. On this day in 1991, 21-year-old Finnish student Linus Torvalds posted to the comp.os.minix newsgroup: “I’m doing a (free) operating system (just a hobby, won’t be big and…
-
Kopia: Open-source encrypted backup tool for Windows, macOS, Linux
Kopia is an open-source backup and restore tool that lets you create encrypted snapshots of your files and store them in cloud storage, on a remote server, on network-attached … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/25/kopia-open-source-encrypted-backup-tool-windows-macos-linux/
-
Open Source AppLocker Policy Generator
Another small find from the internet that may be helpful for administrators who work with AppLocker in enterprise environments to set application restrictions. The AppLocker Policy Generator promises to support system administrators and security experts in creating and managing AppLocker policies. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/08/24/applocker-policy-generator/
-
Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection
Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The “Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file,” Trellix researcher Sagar Bade said in a technical write-up. “The payload isn’t hidden inside the file content or a…
-
DARPA: Closing the Open Source Security Gap With AI
DARPA’s Kathleen Fisher discusses the AI Cyber Challenge at DEF CON 33, and the results that proved how automation can help patch vulnerabilities at scale. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/darpa-closing-open-source-security-gap-ai
-
Google fixed Chrome flaw found by Big Sleep AI
Google Chrome 139 addressed a high-severity V8 flaw, tracked as CVE-2025-9132, found by Big Sleep AI. Google Chrome 139 addressed a high-severity vulnerability, tracked as CVE-2025-9132, in its open source high-performance JavaScript and WebAssembly engine V8. The vulnerability is an out-of-bounds write issue in the V8 JavaScript engine that was discovered by Big Sleep AI.…
-
ASPM buyer’s guide: 7 products to help secure your applications
Tags: access, ai, api, application-security, attack, business, ceo, cloud, compliance, container, crowdstrike, data, detection, endpoint, exploit, gartner, google, guide, iam, identity, infrastructure, ivanti, marketplace, microsoft, monitoring, okta, open-source, oracle, programming, risk, software, supply-chain, threat, tool, vulnerability, vulnerability-management
Protect the software development lifecycle (SDLC) and supply chain pipelines; automate software testing; integrate with various applications to mitigate and remove various risks. Features offered by ASPMs vary widely. As a result, tools can prove difficult to evaluate in terms of exactly what is being protected, what data and metadata is being collected to inform security judgments, and…
-
LudusHound: Open-source tool brings BloodHound data to life
LudusHound is an open-source tool that takes BloodHound data and uses it to set up a working Ludus Range for safe testing. It creates a copy of an Active Directory environment … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/20/ludushound-open-source-tool-bloodhound-data/
-
Okta open-sources catalog of Auth0 rules for threat detection
Okta has open-sourced ready-made Sigma-based queries for Auth0 customers to detect account takeovers, misconfigurations, and suspicious behavior in event logs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/okta-open-sources-catalog-of-auth0-rules-for-threat-detection/
-
PipeMagic Malware Imitates ChatGPT App to Exploit Windows Vulnerability and Deploy Ransomware
Tags: attack, backdoor, chatgpt, cve, cyber, exploit, malware, open-source, ransomware, threat, vulnerability, windows
The PipeMagic malware, which is credited to the financially motivated threat actor Storm-2460, is a remarkable illustration of how cyber dangers are always changing. It poses as the genuine open-source ChatGPT Desktop Application from GitHub. This sophisticated modular backdoor facilitates targeted attacks by exploiting CVE-2025-29824, an elevation-of-privilege vulnerability in the Windows Common Log File System…
-
DARPA AI Cyber Challenge Winners Impress With Quick, Scalable Patching
Winners of DARPA’s AI Cyber Challenge proved AI can automate patching at scale. Their tools will go open source, offering defenders new power, but also raising concerns about AI-fueled exploits. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/08/darpa-ai-cyber-challenge-winners-impress-with-quick-scalable-patching/
-
Agentic AI promises a cybersecurity revolution, with asterisks
Tags: ai, api, authentication, ceo, ciso, cloud, control, cybersecurity, data, endpoint, infrastructure, jobs, LLM, open-source, openai, risk, service, soc, software, supply-chain, technology, tool, update, vulnerability
Trust, transparency, and moving slowly are crucial: Like all technologies, and perhaps more dramatically than most, agentic AI carries both risks and benefits. One obvious risk of AI agents is that, like most LLM models, they will hallucinate or make errors that could cause problems. “If you want to remove or give agency to a platform…
-
Hundreds of TeslaMate Servers Expose Real-Time Vehicle Data
A security researcher has discovered that hundreds of self-hosted TeslaMate servers are exposing sensitive Tesla vehicle data to the public internet without any authentication, revealing real-time location tracking, charging patterns, and driving habits of unsuspecting owners. TeslaMate is a popular open-source data logger that connects to Tesla’s official API to collect detailed vehicle telemetry including…
-
Buttercup: Open-source AI-driven system detects and patches vulnerabilities
Buttercup is a free, automated, AI-powered platform that finds and fixes vulnerabilities in open-source software. Developed by Trail of Bits, it recently earned second place … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/18/buttercup-ai-vulnerability-scanner-open-source/

