Tag: open-source
-
Öffentliche Verwaltung im Visier von Cyberspionen
Tags: access, alphv, bsi, cyberattack, cybercrime, encryption, germany, governance, government, infrastructure, lockbit, microsoft, open-source, phishing, qr, service, vulnerabilityLaut BSI haben es Cyberspione aktuell besonders auf die öffentliche Verwaltung abgesehen.Cyberspione haben es in Deutschland derzeit besonders auf die öffentliche Verwaltung abgesehen. Das geht aus dem aktuellen Lagebericht des Bundesamtes für Sicherheit in der Informationstechnik (BSI) hervor. Eine nennenswerte Anzahl von Geschädigten gab es demnach auch in den Sektoren Verteidigung, Rechtspflege, öffentliche Sicherheit und…
-
German healthcare aims to replace faxes and phones with secure messaging
Germany’s digital health agency, Gematik, has turned to open source for secure messaging services that will link patients, doctors and pharmacies First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366634180/German-healthcare-aims-to-replace-faxes-and-phones-with-secure-messaging
-
How GlassWorm wormed its way back into developers’ code, and what it says about open source security
Tags: access, ai, attack, blockchain, ciso, control, credentials, crypto, cybersecurity, data, data-breach, endpoint, exploit, framework, github, google, infrastructure, law, malicious, malware, marketplace, monitoring, open-source, resilience, service, software, supply-chain, threat, tool, update, wormadhamu.history-in-sublime-merge (downloaded 4,000 times)ai-driven-dev.ai-driven-dev (downloaded 3,300 times)yasuyuky.transient-emacs (downloaded 2,400 times)All three GlassWorm extensions are “still literally invisible” in code editors, the researchers note. They are encoded in unprintable Unicode characters that look like blank space to the human eye, but execute as JavaScript.The attackers have posted new transactions to the Solana blockchain that outline updated…
-
How GlassWorm wormed its way back into developers’ code, and what it says about open source security
Tags: access, ai, attack, blockchain, ciso, control, credentials, crypto, cybersecurity, data, data-breach, endpoint, exploit, framework, github, google, infrastructure, law, malicious, malware, marketplace, monitoring, open-source, resilience, service, software, supply-chain, threat, tool, update, wormadhamu.history-in-sublime-merge (downloaded 4,000 times)ai-driven-dev.ai-driven-dev (downloaded 3,300 times)yasuyuky.transient-emacs (downloaded 2,400 times)All three GlassWorm extensions are “still literally invisible” in code editors, the researchers note. They are encoded in unprintable Unicode characters that look like blank space to the human eye, but execute as JavaScript.The attackers have posted new transactions to the Solana blockchain that outline updated…
-
Digitale Souveränität als Strategie – Update: Internationaler Strafgerichtshof setzt auf Open Source statt auf Microsoft
First seen on security-insider.de Jump to article: www.security-insider.de/internationaler-strafgerichtshof-setzt-auf-open-source-statt-auf-microsoft-a-277169fd16fe263acd309a43b53f22f9/
-
Sysdig verbessert Bedrohungsanalyse mit einer tieferen Integration in CloudTool Stratoshark
Sysdig hat neue Open-Source-Funktionen für Falco zur Untersuchung und Analyse von Bedrohungen vorgestellt. Falco ist der Standard für die Erkennung von Cloud-Bedrohungen zur Laufzeit und wird von mehr als 60 Prozent der Fortune-500-Unternehmen verwendet. Diese Updates vertiefen die Integrationsfähigkeit von Falco mit Stratoshark und schaffen eine einheitliche, durchgängige Cloud-Security-Workload, die vollständig auf Open Source basiert.…
-
Sysdig verbessert Bedrohungsanalyse mit einer tieferen Integration in CloudTool Stratoshark
Sysdig hat neue Open-Source-Funktionen für Falco zur Untersuchung und Analyse von Bedrohungen vorgestellt. Falco ist der Standard für die Erkennung von Cloud-Bedrohungen zur Laufzeit und wird von mehr als 60 Prozent der Fortune-500-Unternehmen verwendet. Diese Updates vertiefen die Integrationsfähigkeit von Falco mit Stratoshark und schaffen eine einheitliche, durchgängige Cloud-Security-Workload, die vollständig auf Open Source basiert.…
-
Sysdig verbessert Bedrohungsanalyse mit einer tieferen Integration in CloudTool Stratoshark
Sysdig hat neue Open-Source-Funktionen für Falco zur Untersuchung und Analyse von Bedrohungen vorgestellt. Falco ist der Standard für die Erkennung von Cloud-Bedrohungen zur Laufzeit und wird von mehr als 60 Prozent der Fortune-500-Unternehmen verwendet. Diese Updates vertiefen die Integrationsfähigkeit von Falco mit Stratoshark und schaffen eine einheitliche, durchgängige Cloud-Security-Workload, die vollständig auf Open Source basiert.…
-
NoID Privacy macht aus Windows wieder ein Betriebssystem
Das kostenlose Open Source-Projekt NoID Privacy sorgt dauerhaft dafür, dass Windows nicht mehr mit den Servern des Herstellers kommuniziert. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/noid-privacy-macht-aus-windows-wieder-ein-betriebssystem-322750.html
-
NoID Privacy macht aus Windows wieder ein Betriebssystem
Das kostenlose Open Source-Projekt NoID Privacy sorgt dauerhaft dafür, dass Windows nicht mehr mit den Servern des Herstellers kommuniziert. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/datenschutz/noid-privacy-macht-aus-windows-wieder-ein-betriebssystem-322750.html
-
sqlmap: Open-source SQL injection and database takeover tool
Finding and exploiting SQL injection vulnerabilities is one of the oldest and most common steps in web application testing. sqlmap streamlines this process. It is an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/10/sqlmap-open-source-sql-injection-database-takeover-tool/
-
sqlmap: Open-source SQL injection and database takeover tool
Finding and exploiting SQL injection vulnerabilities is one of the oldest and most common steps in web application testing. sqlmap streamlines this process. It is an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/10/sqlmap-open-source-sql-injection-database-takeover-tool/
-
sqlmap: Open-source SQL injection and database takeover tool
Finding and exploiting SQL injection vulnerabilities is one of the oldest and most common steps in web application testing. sqlmap streamlines this process. It is an … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/10/sqlmap-open-source-sql-injection-database-takeover-tool/
-
Malicious npm packages contain Vidar infostealer
Typosquatting: One favorite tactic of threat actors trying to infect the open source software supply chain is typosquatting, the creation of packages with names similar to those of legitimate ones to trick unwitting developers searching for a particular library. For example, in 2018 a researcher found that threat actors had created phony libraries in the…
-
Malicious npm packages contain Vidar infostealer
Typosquatting: One favorite tactic of threat actors trying to infect the open source software supply chain is typosquatting, the creation of packages with names similar to those of legitimate ones to trick unwitting developers searching for a particular library. For example, in 2018 a researcher found that threat actors had created phony libraries in the…
-
Malicious npm packages contain Vidar infostealer
Typosquatting: One favorite tactic of threat actors trying to infect the open source software supply chain is typosquatting, the creation of packages with names similar to those of legitimate ones to trick unwitting developers searching for a particular library. For example, in 2018 a researcher found that threat actors had created phony libraries in the…
-
Open-Source-Tool hilft beim einfachen und anonymen Datenaustausch – OnionShare: Dateien zwischen verschiedenen Systemen anonym mit ‘Tor” teilen
First seen on security-insider.de Jump to article: www.security-insider.de/onionshare-dateien-zwischen-verschiedenen-systemen-anonym-mit-tor-teilen-a-e9b8fd3479900a366abfe94510ee537a/
-
OpenGuardrails: A new open-source model aims to make AI safer for real-world use
When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/06/openguardrails-open-source-make-ai-safer/
-
Critical React Native NPM Vulnerability Exposes Developer Systems to Remote Attacks
A severe vulnerability was discovered in the React Native Community CLI, a popular open-source package downloaded nearly two million times every week by developers building cross-platform applications. Tracked as CVE-2025-11953, this flaw allows unauthenticated remote code execution across Windows, macOS, and Linux systems. In practical terms, attackers can execute arbitrary commands on a developer’s machine…
-
10 promising cybersecurity startups CISOs should know about
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, container, control, cybersecurity, data, deep-fake, defense, detection, endpoint, exploit, finance, gartner, google, governance, government, grc, ibm, identity, linux, malicious, microsoft, military, monitoring, network, open-source, ransomware, RedTeam, risk, saas, software, startup, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-trust2. Chainguard: Category: Software supply chain securityWhy they’re here: Founded in 2021 by Dan Lorenc (formerly at Microsoft and Google), Chainguard offers a Linux-based platform for securely building applications. The company has raised more than $600M and is valued at $3.5B. In fiscal year 2025, Chainguard reached a $40M annual run rate and by the…
-
10 promising cybersecurity startups CISOs should know about
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, container, control, cybersecurity, data, deep-fake, defense, detection, endpoint, exploit, finance, gartner, google, governance, government, grc, ibm, identity, linux, malicious, microsoft, military, monitoring, network, open-source, ransomware, RedTeam, risk, saas, software, startup, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-trust2. Chainguard: Category: Software supply chain securityWhy they’re here: Founded in 2021 by Dan Lorenc (formerly at Microsoft and Google), Chainguard offers a Linux-based platform for securely building applications. The company has raised more than $600M and is valued at $3.5B. In fiscal year 2025, Chainguard reached a $40M annual run rate and by the…
-
10 promising cybersecurity startups CISOs should know about
Tags: access, ai, attack, automation, business, ceo, ciso, cloud, compliance, container, control, cybersecurity, data, deep-fake, defense, detection, endpoint, exploit, finance, gartner, google, governance, government, grc, ibm, identity, linux, malicious, microsoft, military, monitoring, network, open-source, ransomware, RedTeam, risk, saas, software, startup, supply-chain, technology, threat, tool, vulnerability, vulnerability-management, zero-trust2. Chainguard: Category: Software supply chain securityWhy they’re here: Founded in 2021 by Dan Lorenc (formerly at Microsoft and Google), Chainguard offers a Linux-based platform for securely building applications. The company has raised more than $600M and is valued at $3.5B. In fiscal year 2025, Chainguard reached a $40M annual run rate and by the…
-
PortGPT: How researchers taught an AI to backport security patches automatically
Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/05/portgpt-ai-backport-security-patches-automatically/
-
VulnRisk: Open-source vulnerability risk assessment platform
VulnRisk is an open-source platform for vulnerability risk assessment. It goes beyond basic CVSS scoring by adding context-aware analysis that reduces noise and highlights … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/05/vulnrisk-open-source-vulnerability-risk-assessment-platform/
-
VulnRisk: Open-source vulnerability risk assessment platform
VulnRisk is an open-source platform for vulnerability risk assessment. It goes beyond basic CVSS scoring by adding context-aware analysis that reduces noise and highlights … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/05/vulnrisk-open-source-vulnerability-risk-assessment-platform/
-
VulnRisk: Open-source vulnerability risk assessment platform
VulnRisk is an open-source platform for vulnerability risk assessment. It goes beyond basic CVSS scoring by adding context-aware analysis that reduces noise and highlights … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/11/05/vulnrisk-open-source-vulnerability-risk-assessment-platform/
-
NDSS 2025 The Philosopher’s Stone: Trojaning Plugins Of Large Language Models
Tags: attack, conference, control, data, defense, exploit, LLM, malicious, malware, network, open-source, phishing, spear-phishingSESSION Session 2A: LLM Security Authors, Creators & Presenters: Tian Dong (Shanghai Jiao Tong University), Minhui Xue (CSIRO’s Data61), Guoxing Chen (Shanghai Jiao Tong University), Rayne Holland (CSIRO’s Data61), Yan Meng (Shanghai Jiao Tong University), Shaofeng Li (Southeast University), Zhen Liu (Shanghai Jiao Tong University), Haojin Zhu (Shanghai Jiao Tong University) PAPER The Philosopher’s Stone:…
-
Ransomware Defense Using the Wazuh Open Source Platform
Tags: access, attack, computer, cyberattack, data, defense, infrastructure, malicious, malware, open-source, ransom, ransomware, software, threatRansomware is malicious software designed to block access to a computer system or encrypt data until a ransom is paid. This cyberattack is one of the most prevalent and damaging threats in the digital landscape, affecting individuals, businesses, and critical infrastructure worldwide.A ransomware attack typically begins when the malware infiltrates a system through various vectors…