Tag: open-source
-
Wie Angreifer QEMU nutzen, um Erkennungssysteme zu umgehen
Sophos-Analysten untersuchen den aktiven Missbrauch von QEMU (Quick-Emulator), einem Open-Source-Maschinenemulator und Virtualisierungs-Tool. Angreifer nutzen QEMU und weitere gängigere, auf Hypervisoren basierende Virtualisierungs-Tools, wie Hyper-V, Virtualbox und VMware, seit längerer Zeit. Grund dafür ist, dass böswillige Aktivitäten innerhalb einer virtuellen Maschine (VM) für die Endpunktsicherheit nahezu unsichtbar sind und auf dem Host kaum forensische Spuren hinterlassen.…
-
Tails 7.6.2 patches vulnerability that could expose saved files
The Tails Project released Tails v7.6.2, an emergency release of the popular open source secure portable operating system. What is Tails? Tails, which is based on Debian … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/16/tails-vulnerability-expose-saved-files/
-
Q1 2026 Open Source Malware Index: Adaptive Attacks, Familiar Weaknesses
Tags: access, ai, api, attack, automation, cloud, credentials, crypto, data, github, guide, intelligence, kubernetes, linux, macOS, malicious, malware, open-source, pypi, risk, software, supply-chain, tactics, theft, tool, update, windows, worm<div cla TL;DR Sonatype identified 21,764 open source malware packages in Q1 2026, bringing the total logged since 2017 to 1,346,867. npm accounted for 75% of malicious packages this quarter. Trojans dominated, with most activity focused on credential theft, host reconnaissance, and staged payload delivery. The quarter’s defining pattern was trust abuse: attackers succeeded by…
-
In Open-Source Silicon We Trust: ‘Bunnie’ Huang’s Baochip
Veteran Hardware Hacker’s Chip Facilitates More Trustworthy and Secure Devices. How can we trust hardware to not betray us? Enter the Baochip-1x, a piece of largely open-source silicon created by Andrew Bunnie Huang, which he said is designed to give developers an affordable, security-focused and attestable chip, not least for building high-assurance, embedded devices. First…
-
OpenAI’s Mac apps need updates thanks to the Axios hack
The company said a developer tool automatically retrieved a malicious version of the popular open-source library, but insists the integrity of its systems and software were not impacted. First seen on cyberscoop.com Jump to article: cyberscoop.com/openai-axios-supply-chain-attack/
-
OpenAI’s Mac apps needs an update thanks to the Axios hack
The company said a developer tool automatically retrieved a malicious version of the popular open-source library, but insists the integrity of its systems and software were not impacted. First seen on cyberscoop.com Jump to article: cyberscoop.com/openai-axios-supply-chain-attack/
-
France Tees Up Big Public Sector Move Away From US Tech
European Governments Grow Suspicious of Silicon Valley. French abandonment of American software for open-source alternatives continues apace, with all government ministries now facing a fall deadline for outlining plans to reduce their dependence on U.S. tech. France must regain control of our digital destiny, said public action minister David Amiel. First seen on govinfosecurity.com Jump…
-
Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure
Tags: access, advisory, ai, api, attack, authentication, breach, cloud, credentials, cve, data-breach, exploit, firewall, flaw, Internet, open-source, rce, remote-code-execution, software, theft, tool, update, vulnerabilityCredentials stolen in under three minutes: To track real-world exploitation, deployed honeypot servers running vulnerable Marimo instances across multiple cloud providers and observed the first exploitation attempt within 9 hours and 41 minutes of disclosure. No ready-made exploit tool existed at the time. The attacker had built one using only the advisory description, Sysdig researchers…
-
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure
Tags: cve, cvss, cyber, data-breach, exploit, flaw, open-source, rce, remote-code-execution, vulnerabilityA critical remote code execution (RCE) vulnerability in the open-source Python notebook platform Marimo was actively exploited less than 10 hours after its public disclosure. The flaw, initially tracked as GHSA-2679-6mx9-h9xc and later assigned CVE-2026-39987, carries a critical CVSS score of 9.3. It allows unauthenticated attackers to gain a full interactive shell on exposed Marimo…
-
Marimo RCE Vulnerability Exploited Within 10 Hours of Public Disclosure
Tags: cve, cvss, cyber, data-breach, exploit, flaw, open-source, rce, remote-code-execution, vulnerabilityA critical remote code execution (RCE) vulnerability in the open-source Python notebook platform Marimo was actively exploited less than 10 hours after its public disclosure. The flaw, initially tracked as GHSA-2679-6mx9-h9xc and later assigned CVE-2026-39987, carries a critical CVSS score of 9.3. It allows unauthenticated attackers to gain a full interactive shell on exposed Marimo…
-
Apache Tomcat Flaws Enable EncryptInterceptor Bypass
Tags: apache, communications, cyber, exploit, flaw, open-source, risk, software, update, vulnerabilityThe Apache Software Foundation has released critical security updates for Apache Tomcat to address three newly disclosed vulnerabilities. Because Apache Tomcat is a widely deployed open-source web server, these flaws pose a significant risk to many enterprise environments. The newly discovered vulnerabilities could allow attackers to compromise encrypted communications, exploit flawed patches, and bypass client…
-
ZeroID: Open-source identity platform for autonomous AI agents
ZeroID is an open-source identity platform that implements an identity and credentialing layer specifically for autonomous agents and multi-agent systems. The attribution … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/13/zeroid-open-source-identity-platform-autonomous-ai-agents/
-
CVE-2026-39987: Marimo RCE exploited in hours after disclosure
A critical flaw, tracked as CVE-2026-39987, in the open-source Python notebook tool Marimo was exploited within 10 hours of disclosure. A critical flaw in Marimo, tracked as CVE-2026-39987 (CVSS score of 9.3) was exploited just 10 hours after disclosure (On April 8, 2026). Sysdig Threat Research Team observed exploitation of the Marimo flaw within 9…
-
Breaking the Patch Sound Barrier: Your Vulnerability Remediation Will Not Keep Up With AI Exploit”¦
Breaking the Patch Sound Barrier: Your Vulnerability Remediation Will Not Keep Up With AI Exploit Speed. So? Many years ago while at Gartner, I wrote a blog post where I defined the concept of the “Patch Sound Barrier.” (original via Archive if you don’t believe that I was that smart back in 2013 🙂) This was an…
-
Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure
A critical security vulnerability in Marimo, an open-source Python notebook for data science and analysis, has been exploited within 10 hours of public disclosure, according to findings from Sysdig.The vulnerability in question is CVE-2026-39987 (CVSS score: 9.3), a pre-authenticated remote code execution vulnerability impacting all versions of Marimo prior to and including First seen on…
-
AWS Fixes Severe RCE, Privilege Escalation Flaws in Research and Engineering Studio
AWS recently issued a critical security bulletin addressing severe vulnerabilities in its Research and Engineering Studio (RES). RES is an open-source web portal that allows administrators to create and manage secure cloud-based research environments. Security researchers identified three major flaws in the platform that could lead to remote code execution (RCE) and privilege escalation. If…
-
Securing the AI Supply Chain: What are the Risks and Where to Start?
AI supply chain security: Explore the risks of poisoned datasets, compromised open-source libraries, and AI-powered phishing. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/securing-the-ai-supply-chain-what-are-the-risks-and-where-to-start/
-
Microsoft suspends dev accounts for high-profile open source projects
Microsoft has suspended developer accounts used to maintain multiple high-profile open-source projects without proper notification and no way to quickly reinstate them, effectively blocking them from publishing new software builds and security patches for Windows users. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-suspends-dev-accounts-for-high-profile-open-source-projects/
-
Asqav: Open-source SDK for AI agent governance
AI agents are executing consequential tasks autonomously, often across multiple systems and with little record of what they did or why. Asqav, a Python SDK released under the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/04/09/asqav-ai-agent-audit-trail/
-
WireGuard VPN developer can’t ship software updates after Microsoft locks account
The popular open source VPN maker is the second high-profile developer to say Microsoft locked his account without notifying him and are blocking their ability to send software updates to users. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/08/wireguard-vpn-developer-cant-ship-software-updates-after-microsoft-locks-account/
-
AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties
Discovery used to be the bottleneck for open source bugs, but with automated discovery, remediation’s the bottleneck, which bounties don’t fund. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/ai-led-remediation-crisis-prompts-hackerone-pause-bug-bounties
-
Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account
The maker of the popular open-source file encryption software VeraCrypt said Microsoft locked his online account, which may prevent device owners from booting up their computers. First seen on techcrunch.com Jump to article: techcrunch.com/2026/04/08/veracrypt-encryption-software-windows-microsoft-lock-boot-issues/
-
Durch KI überlastet: Kein Geld mehr für Bug-Reports an Open-Source-Projekte
Internet Bug Bounty zahlt vorerst keine Prämien mehr. Das betrifft unter anderem Node.js. Der Grund: Mit KI wird viel gemeldet, aber wenig gefixt. First seen on golem.de Jump to article: www.golem.de/news/wichtiges-bug-bounty-programm-pausiert-ki-reports-ueberlasten-open-source-projekte-2604-207325.html
-
Wichtiges Bug-Bounty-Programm pausiert: KI-Reports überlasten Open-Source-Projekte
Internet Bug Bounty zahlt vorerst keine Prämien mehr. Das betrifft unter anderem Node.js. Der Grund: Mit KI wird viel gemeldet, aber wenig gefixt. First seen on golem.de Jump to article: www.golem.de/news/wichtiges-bug-bounty-programm-pausiert-ki-reports-ueberlasten-open-source-projekte-2604-207325.html
-
The zero-day timeline just collapsed. Here’s what security leaders do next
Tags: access, ai, api, attack, authentication, breach, cio, ciso, control, cyber, cybersecurity, data, data-breach, defense, endpoint, exploit, google, Internet, Intruder, leak, least-privilege, open-source, penetration-testing, resilience, service, strategy, tactics, update, vulnerability, zero-dayScaling vulnerability discovery to machine speed: Agentic AI is AI that can act, not just advise. Give it an objective, and it will plan steps, run them, learn from what happens and adjust until it succeeds or hits a hard stop. In cybersecurity, that looks like an automated operator. It can probe an application, test…
-
Cybercriminals Use Fake Zoom, Teams Calls to Deliver Malware
Tags: crypto, cyber, cybercrime, hacker, malicious, malware, microsoft, open-source, phishing, tacticsHackers are increasingly using fake Zoom and Microsoft Teams meetings to trick victims into infecting their own systems with malware. SEAL says it has blocked 164 malicious domains tied to this operation using MetaMask’s eth-phishing-detect system. The campaign primarily targets cryptocurrency professionals, Web3 developers, and investors, but its tactics are now expanding toward open-source communities.…
-
What Anthropic Glasswing reveals about the future of vulnerability discovery
From backlog management to exposure-window risk: The issue, as Williams frames it, is not simply how many vulnerabilities exist, but how they are managed. “Mythos makes one thing painfully clear,” he says. “This is not a prioritization problem. It’s an exposure-window problem.”Traditional vulnerability management has been built around prioritization, ranking issues by severity, exploitability, and…
-
Max severity Flowise RCE vulnerability now exploited in attacks
Hackers are exploiting a maximum-severity vulnerability, tracked as CVE-2025-59528, in the open-source platform Flowise for building custom LLM apps and agentic systems to execute arbitrary code. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-flowise-rce-vulnerability-now-exploited-in-attacks/