Tag: open-source
-
Cyber Espionage Group CL-UNK-1068 Linked to China Targets Asian Infrastructure
Tags: china, cyber, espionage, government, group, infrastructure, law, malware, open-source, technology, threat
A highly sophisticated cyber espionage group, designated as CL-UNK-1068, has been actively targeting critical infrastructure across South, Southeast, and East Asia since at least 2020. Originating from China, the threat actors focus on high-value sectors, including aviation, energy, government, law enforcement, technology, and telecommunications. The attackers use a versatile mix of custom malware, open-source utilities,…
-
1-Click ZITADEL Vulnerability Could Allow Full System Takeover
A critical Cross-Site Scripting (XSS) vulnerability has been discovered in ZITADEL, a popular open-source identity and access management platform. Tracked as CVE-2026-29191 with a Critical severity rating, this flaw resides in the platform’s login V2 interface, specifically within the /saml-post endpoint. It allows unauthenticated remote attackers to execute malicious JavaScript directly within a user’s browser. With a…
-
ExifTool Vulnerability Lets Malicious Images Trigger macOS Code Execution
ExifTool is a ubiquitous open-source solution for reading, writing, and editing image metadata. It’s the go-to tool for photographers and digital archivists, and is widely used in data analytics, digital forensics, and investigative journalism. Can a computer really get infected just by processing an image even on macOS, often (incorrectly) thought to be immune to…
-
Open-source tool Sage puts a security layer between AI agents and the OS
Autonomous AI agents running on developer workstations execute shell commands, fetch URLs, and write files with little or no inspection of what they are doing. Open-source … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/09/open-source-tool-sage-security-layer-ai-agents/
-
Critical ExifTool Vulnerability Allows Malicious Images to Execute Code on macOS
Many users believe macOS is inherently resistant to malware, but a newly discovered vulnerability proves otherwise. Kaspersky’s Global Research and Analysis Team (GReAT) recently uncovered a critical flaw, tracked as CVE-2026-3102, within ExifTool. ExifTool is a widely popular open-source application and library for extracting and editing file metadata. If a macOS user processes a specially…
-
WiFi Signals Can Track Human Activity Through Walls by Mapping Body Keypoints
In late February 2026, an open-source project named RuView (formerly WiFi DensePose) surged to the top of GitHub trending lists. This edge AI system proves that everyday WiFi signals can track human movement, estimate body poses, and monitor vital signs through walls, all without using a single camera. While marketed as a privacy-friendly tool for…
-
Week in review: Weaponized OAuth redirection logic delivers malware, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: BlacksmithAI: Open-source AI-powered penetration testing framework … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/08/week-in-review-weaponized-oauth-redirection-logic-delivers-malware-patch-tuesday-forecast/
-
Chardet dispute shows how AI will kill software licensing, argues Bruce Perens
Alarm bells are ringing in the open source community, but commercial licensing is also at risk First seen on theregister.com Jump to article: www.theregister.com/2026/03/06/ai_kills_software_licensing/
-
Building Bridges, Breaking Pipelines: Introducing Trajan
TL;DR: Trajan is an open-source CI/CD security tool from Praetorian that unifies vulnerability detection and attack validation across GitHub Actions, GitLab CI, Azure DevOps, and Jenkins in a single cross-platform engine. It ships with 32 detection plugins and 24 attack plugins covering poisoned pipeline execution, secrets exposure, self-hosted runner risks, and AI/LLM pipeline vulnerabilities. It……
-
Apache ActiveMQ Flaw Enables DoS Attacks via Malformed Network Packets
Security researchers have uncovered a significant vulnerability in Apache ActiveMQ, a popular open-source message broker used by enterprises to route data between applications. Tracked as CVE-2025-66168, this security flaw allows malicious actors to trigger unexpected broker behavior and potential denial-of-service (DoS) conditions by sending specifically crafted, malformed network packets. A successful attack against a message…
-
AWS-LC Flaw Exposes Amazon Users to Attacks by Bypassing Certificate Chain Validation
Amazon issued a critical security bulletin (2026-005-AWS) detailing three high-severity vulnerabilities in AWS-LC, its open-source cryptographic library. Discovered through a coordinated disclosure process with the AISLE Research Team, these flaws pose a serious risk to cloud infrastructure. Developers rely heavily on AWS-LC as a general-purpose library to secure digital communications. Because of this widespread use,…
-
Account enumeration in the wild: analyzing a real-world Spotify enumeration tool
In this blog post, we study the Spotify-Account-Checker open source project. The author describes it as: “An automated tool for checking the validity of Spotify accounts with proxy support, multi-threading capabilities, and Discord Rich Presence integration.” At first glance, checking whether an account exists may look harmless. It First seen on securityboulevard.com Jump to article:…
-
FreeScout vulnerability enables unauthenticated, zero-click RCE via email (CVE-2026-28289)
A newly discovered vulnerability (CVE-2026-28289) in the open-source help desk platform FreeScout could allow attackers to take over vulnerable servers by sending a specially … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/05/freescout-vulnerability-cve-2026-28289/
-
How a Music Streaming CEO Built an Open-Source Global Threat Map in His Spare Time
Frustrated by fragmented war news, Anghami’s Elie Habib built World Monitor, a platform that fuses global data, like aircraft signals and satellite detections, to track conflicts as they unfold. First seen on wired.com Jump to article: www.wired.com/story/world-monitor-elie-habib/
-
14 old software bugs that took way too long to squash
Tags: access, api, attack, authentication, automation, bug-bounty, communications, computer, control, credentials, cve, cvss, cyber, data, data-breach, dns, dos, encryption, exploit, flaw, hacker, Hardware, infosec, infrastructure, Internet, kaspersky, linux, malicious, malware, microsoft, mitigation, network, nist, open-source, password, programming, remote-code-execution, risk, service, software, stuxnet, supply-chain, technology, theft, threat, tool, update, usa, vulnerability, windows, zero-day
Age: 30 years
Date introduced: 1995
Date fixed: February 2026
Researchers unearthed a legacy flaw in the widely used libpng open-source library that had existed since the technology was first released more than 30 years ago. The heap buffer overflow vulnerability (CVE-2026-25646) meant that applications using the flawed software would crash when presented with a maliciously constructed PNG raster…
-
Supply chain attacks are becoming the world's biggest cyber threat
Uncovering the web of deception in software supply chain attacks. This year's High-Tech Crime Trends report from Group-IB shows that cybercrime has shifted decisively from isolated attacks to endangering the entire ecosystem, with attackers exploiting trusted vendors, open-source software, SaaS platforms, browser extensions and managed service providers to gain access to…
-
Baochip-1x: Crowdfunding for open-source microcontroller launches
Tags: open-source
Open and verifiable: with the Baochip-1x microcontroller, programmers are not supposed to have to take anything on trust. The goal: particularly secure systems. First seen on golem.de Jump to article: www.golem.de/news/baochip-1x-crowdfunding-von-open-source-mikrocontroller-startet-2603-206083.html
-
mquire: Open-source Linux memory forensics tool
Linux memory forensics has long depended on debug symbols tied to specific kernel versions. These symbols are not installed on production systems by default, and sourcing them … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/04/mquire-open-source-linux-memory-forensics-tool/
-
AI-powered attack kits go open source, and CyberStrikeAI may be just the beginning
100-plus prebuilt tool recipes and a human-readable YAML-based extension system; Attack-chain graph, risk scoring, and “step-by-step replay”; Password-protected web user interfaces (UIs) and audit logs; A knowledge base with vector search, hybrid retrieval, and searchable archives; Vulnerability management with create, read, update, delete (CRUD) operations, severity tracking, status workflow, and statistics; Batch task management that can organize task queues and…
-
Open-Source CyberStrikeAI Deployed in AI-Driven FortiGate Attacks Across 55 Countries
The threat actor behind the recently disclosed artificial intelligence (AI)-assisted campaign targeting Fortinet FortiGate appliances leveraged an open-source, AI-native security testing platform called CyberStrikeAI to execute the attacks. The new findings come from Team Cymru, which detected its use following an analysis of the IP address (“212.11.64[.]250”) that was used by the suspected First seen on…
-
Android devices hit by exploited Qualcomm flaw CVE-2026-21385
Google confirms that the Qualcomm Android vulnerability CVE-2026-21385 was exploited in real-world attacks. Google has confirmed that CVE-2026-21385 (CVSS score of 7.8), a high-severity vulnerability affecting an open-source Qualcomm component used in Android devices, has been actively exploited. "There are indications that CVE-2026-21385 may be under limited, targeted exploitation," reads Google's advisory. The flaw is…
-
New ‘StegaBin’ Campaign Deploys Multi-Stage Credential Stealer via 26 Malicious npm Packages
Tags: access, attack, credentials, crypto, cyber, malicious, north-korea, open-source, supply-chain, threat
A new supply-chain attack dubbed StegaBin is targeting JavaScript developers through 26 malicious npm packages that appear to be popular open-source libraries but secretly deploy a multi-stage credential-stealing toolkit and a Remote Access Trojan (RAT). The campaign is linked to the North Korean-aligned FAMOUS CHOLLIMA threat actor, known from previous “Contagious Interview” operations against cryptocurrency…
-
Fortinet FortiGate Devices Targeted by CyberStrikeAI, Allowing Hackers to Bypass Security
Threat intelligence researchers at Team Cymru have uncovered an open-source AI-powered offensive security tool called CyberStrikeAI, actively used to target Fortinet FortiGate devices at scale, with its developer carrying suspected ties to China’s Ministry of State Security (MSS). CyberStrikeAI is an AI-native security testing platform written in Go, developed by a GitHub user named Ed1s0nZ.…
-
Google Confirms CVE-2026-21385 in Qualcomm Android Component Exploited
Google on Monday disclosed that a high-severity security flaw impacting an open-source Qualcomm component used in Android devices has been exploited in the wild. The vulnerability in question is CVE-2026-21385 (CVSS score: 7.8), a buffer over-read in the Graphics component. "Memory corruption when adding user-supplied data without checking available buffer space," Qualcomm said in an advisory, First…
-
Hackerbot-Claw Bot Exploits GitHub Actions CI/CD Flaw to Attack Microsoft and DataDog
Tags: ai, attack, automation, cyber, exploit, flaw, github, microsoft, open-source, remote-code-execution
Hackerbot-claw, an autonomous AI bot, has launched a week-long campaign abusing GitHub Actions misconfigurations to hit CI/CD pipelines at Microsoft, DataDog, and other major open-source projects, achieving remote code execution (RCE) and even full repo compromise in some cases. The attacks highlight how unsafe pull_request_target workflows and shell interpolation bugs can turn routine automation into…
-
Cyberattackers Exploit OpenVSX Aqua Trivy with Malicious AI Prompts to Hijack Coding Tools
Threat actors compromised the Aqua Trivy VS Code extension on OpenVSX by publishing malicious versions 1.8.12 and 1.8.13 on February 27-28, 2026. These versions injected prompts to hijack local AI coding tools for system reconnaissance and data exfiltration. Aqua Trivy is a popular open-source vulnerability scanner with a VS Code extension, hosted on OpenVSX under…
-
CyberStrikeAI tool adopted by hackers for AI-powered attacks
Researchers warn that a newly identified open-source AI security testing platform called CyberStrikeAI was used by the same threat actor behind a recent campaign that breached hundreds of Fortinet FortiGate firewalls. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cyberstrikeai-tool-adopted-by-hackers-for-ai-powered-attacks/

