Tag: open-source
-
Critical NGINX Vulnerability Lets Hackers Launch Remote Code Execution Attacks
Tags: attack, cve, cyber, cybersecurity, exploit, flaw, hacker, open-source, remote-code-execution, vulnerabilityA newly disclosed vulnerability in NGINX is already being actively exploited, raising serious concerns across the global cybersecurity community. Tracked as CVE-2026-42945, the flaw affects both NGINX Open Source and NGINX Plus, potentially allowing attackers to crash servers or execute remote code under specific conditions. Security researcher Patrick Garrity of VulnCheck revealed that exploitation attempts…
-
Critical NGINX Vulnerability Lets Hackers Launch Remote Code Execution Attacks
Tags: attack, cve, cyber, cybersecurity, exploit, flaw, hacker, open-source, remote-code-execution, vulnerabilityA newly disclosed vulnerability in NGINX is already being actively exploited, raising serious concerns across the global cybersecurity community. Tracked as CVE-2026-42945, the flaw affects both NGINX Open Source and NGINX Plus, potentially allowing attackers to crash servers or execute remote code under specific conditions. Security researcher Patrick Garrity of VulnCheck revealed that exploitation attempts…
-
Attackers accessed, downloaded code from Grafana Labs’ GitHub
A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/18/attackers-accessed-downloaded-code-from-grafana-labs-github/
-
Lyrie: Open-source autonomous pentesting agent
Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous security agent built by … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/18/lyrie-ai-autonomous-pentesting-agent/
-
Malicious npm Packages Steal SSH Keys, Cloud Credentials, and Crypto Wallets
A new supply chain attack campaign targeting developers has surfaced in the npm ecosystem, with four malicious packages discovered stealing sensitive data, including SSH keys, cloud credentials, and cryptocurrency wallets. The campaign, identified by OX Security within the past 24 hours, highlights the growing risk posed by typosquatting attacks and reused open-source malware. The malicious…
-
Expired domain leads to supply chain attack on node-ipc npm package
require(‘node-ipc’). The trojanized versions were designed to remain fully functional to avoid immediate detection, which together with other decisions attackers took, such as data exfiltration via DNS TXT, suggest stealthiness was a top priority.Once executed, the malicious code collects information about the host system, including operating system version, hostname, and environment variables. It then starts…
-
Shai-Hulud Worm Steals Dev Secrets Across npm, GitHub, AWS Kubernetes
Tags: credentials, cyber, cybersecurity, github, intelligence, kubernetes, open-source, software, threat, wormShai-Hulud is a major cybersecurity threat targeting the open-source software supply chain. Security researchers are raising alarms over “Shai-Hulud,” a self-propagating npm worm designed to steal sensitive developer credentials from GitHub, AWS, Kubernetes, and local environments. The campaign, tracked by SlowMist’s MistEye threat intelligence platform, is already being described as one of the largest npm…
-
EU’s Cyber Resiliency Act will put IT leaders to the test
Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerabilityProduct safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…
-
EU’s Cyber Resiliency Act will put IT leaders to the test
Tags: access, attack, cio, cyber, cybersecurity, data, encryption, exploit, firewall, Hardware, identity, infrastructure, Internet, kubernetes, law, malicious, mitigation, open-source, password, programming, regulation, risk, risk-assessment, router, sbom, software, supply-chain, tool, update, vpn, vulnerabilityProduct safety: The CRA says digital products have to be secure by design and default, and can’t ship with known vulnerabilities like obvious default passwords that can be exploited. They also must be updatable if such vulnerabilities are found later, as well as minimize their impact by limiting the attack surface and protecting confidentiality and…
-
China-Linked Hackers Deploy New TencShell Malware Against Global Manufacturer
A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive toolkit First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/china-hackers-tencshell-malware/
-
AI agent finds 18-year-old remote code execution flaw in Nginx
Tags: ai, api, application-security, cve, cvss, data, dos, endpoint, exploit, flaw, github, leak, mitigation, network, open-source, remote-code-execution, risk, service, technology, update, vulnerability, wafngx_http_rewrite_module, a component that handles URL rewrites, and impacts Nginx versions from 0.6.27 to 1.30.0. The issue has been given a 9.2 CVSS severity score and was patched in versions 1.31.0 and 1.30.1.The commercial product, Nginx Plus, owned and developed by network and application security firm F5, is also vulnerable, and received patches in versions…
-
OpenAI asks macOS users to update after TanStack npm supply chain attack
The actions are being taken in light of an expanding supply chain campaign impacting the popular open-source library TanStack and additional npm and PyPI packages tied to several AI companies. First seen on therecord.media Jump to article: therecord.media/openai-asks-macos-users-to-update-tanstack-npm
-
18-year-old NGINX vulnerability allows DoS, potential RCE
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/18-year-old-nginx-vulnerability-allows-dos-potential-rce/
-
TeamPCP, BreachForums Launch $1K Supply-Chain Attack Contest
A new cybercrime campaign is turning supply chain attacks into a public competition, as TeamPCP and BreachForums operators launch a $1,000 contest that encourages hackers to compromise open-source packages. The initiative, first highlighted by Dark Web Informer, signals an escalation in how threat actors are gamifying real-world attacks to recruit participants and expand their reach.…
-
New Malware Framework Enables Screen Control and UAC Bypass
A sophisticated malware framework capable of screen control, browser artifact access, and User Account Control (UAC) bypass, highlighting how attackers are increasingly adapting open-source tools for real-world intrusions. The attack chain revealed a carefully staged operation designed to blend into normal enterprise traffic. Investigators observed suspicious infrastructure activity, host-level artifacts, and command-and-control (C2) communication patterns…
-
PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of public disclosure.The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive endpoints to anyone, potentially allowing an attacker to invoke the First seen on…
-
CERN’s open source KiCad library gives the world 17,000 circuit board components
CERN has released its complete KiCad component library under an open source license, making it available to hardware designers anywhere in the world. The library, maintained … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/14/cern-kicad-component-library/
-
Open-Source-Filesharing-Dienst erhält Sicherheitsupdate – BW.tech migriert ownCloud.online auf PHP 8.4
Tags: open-sourceFirst seen on security-insider.de Jump to article: www.security-insider.de/owncloud-online-update-php-8-4-symfony-7-3-a-6fec4a6a37aa34469b7e714e5f0d7017/
-
Mistral AI SDK, TanStack Router hit in npm software supply chain attack
Tags: ai, api, attack, breach, cloud, credentials, data, data-breach, exploit, github, kubernetes, malicious, malware, network, open-source, password, router, service, software, supply-chain, switch, vulnerabilitypull_request_target. This allows third-party workflows to run automatically, a way of avoiding maintainer approval fatigue, but means that the maintainer’s short-lived OIDC tokens become vulnerable to scraping.Armed with these tokens, the attacker were able to compromise the packages by injecting the malicious Mini Shai-Hulud malware, which propagated to other projects.The purpose is to steal developer…
-
New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution.Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and deliver email.The vulnerability, tracked as CVE-2026-45185, aka Dead.Letter, has been described as a use-after-free First seen on…
-
Worm Redux: Fresh Mini Shai-Hulud Infections Bite Supply Chain
Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open source TanStack ecosystem. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/worm-redux-fresh-mini-shai-hulud-infections-bite-supply-chain
-
Six new dnsmasq vulnerabilities open the door to DNS cache poisoning, local root
Recent disclosures have revealed that open-source networking tool dnsmasq is grappling with a serious set of vulnerabilities. The problems span memory safety and input … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/dnsmasq-vulnerabilities-cve/
-
HEIDI: Free IDE security plugin for open-source vulnerability checks
Open-source dependencies make up a large percentage of the code in production applications, and most vulnerability checks still run late in the pipeline, inside CI/CD systems … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/12/heidi-free-ide-security-plugin/
-
Official JDownloader site served malware to Windows and Linux users between May 6 and May 7
JDownloader website was hacked to distribute malicious Windows and Linux installers carrying a Python RAT between May 67, 2026. JDownloader official website was compromised in a supply chain attack that replaced legitimate Windows and Linux installers with malicious files between May 6 and May 7, 2026. JDownloader is a free, open-source download management application designed…
-
Google researchers uncover criminal zero-day exploit likely built with AI
Google’s threat intelligence researchers have linked a zero-day exploit to AI-assisted development by a criminal group. The exploit targeted a popular open-source … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/11/google-ai-vulnerability-exploitation/
-
Rustinel: Open-source endpoint detection for Windows and Linux
Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/11/rustinel-open-source-endpoint-detection-windows-linux/
-
Hackers used AI to develop zero-day exploit for web admin tool
Researchers at Google Threat Intelligence Group (GTIG) say that a zero-day exploit targeting a popular open-source web administration tool was likely generated using AI. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-hackers-used-ai-to-develop-zero-day-exploit-for-web-admin-tool/
-
fsnotify Maintainer Access Change Sparks Supply Chain Security Concerns
A dispute over maintainer access in the widely used Go library fsnotify has triggered temporary supply chain concerns after contributors were removed from the project’s GitHub organization and recent releases came under scrutiny. While no evidence suggests that any version of fsnotify has been compromised, the incident highlights how governance ambiguity in critical open source projects can…