Explore the latest in Open Source security, with insights on open-source software vulnerabilities, trends, and best practices in information security.
Search across headline titles and summaries.
Background for this topic.
Open Source is a term that denotes software for which the original source code is made freely available and may be redistributed and modified. It promotes an open exchange of ideas within the developer community to collaborate and build upon each other's work. This openness however can have various implications for information security.
In the context of information security, open source software can be both a boon and a challenge. On one hand, its transparent nature allows for more eyes to examine the code for vulnerabilities, potentially leading to more secure software. Security experts around the world can review and contribute to the security of the codebase, enhancing the overall robustness of the software.
On the other hand, the fact that the code is available to anyone can pose a risk, as malicious actors also have the opportunity to study it for exploits. Therefore, it necessitates vigilant patch management and community engagement to promptly identify and fix security issues. Ultimately, when used responsibly with proper security practices, open source software can be an asset to the cybersecurity landscape.
Weekly headline count for the current query.
Cybersecurity researchers have disclosed details of a spear-phishing campaign likely undertaken by the Pakistan-aligned SideCopy group targeting Afghanistan's Ministry of Finance with an open-source remote access trojan called Xeno RAT
Researcher reported the vuln in March. Maintainers haven't responded to his messages since
A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions
Most malicious open source packages now mimic real code rather than rely on typosquatting
Suspected Russian Crime Group Built Resilient Command-and-Control InfrastructureIn a joint operation, CrowdStrike, Google and Shadowserver Foundation disrupted infrastructure used by the Glassworm cybercrime group, cutting off attackers from victims. The group has wielded a remote access Trojan to repeatedly target developers of widely used open-source software.
CrowdStrike has dismantled the Glassworm botnet in an operation aided by Google and Shadowserver, stripping the operators’ access to infrastructure that helped threat actors infect hundreds of pieces of open-source software with malware since early 2025, the company said Tuesday. The coordinated effort involved the simultaneous takedown of four attacker-controlled servers that were designed to […] The post CrowdStrike disrupts Glassworm botnet that preyed on open-source supply chain appeared first on CyberScoop.
Cybersecurity researchers have disclosed a security flaw in Gitea, an open-source, self-hosted platform for version control, that allows unauthenticated remote attackers to pull private container images from Gitea deployments without requiring an account, password, or other credentials
The release includes implementations of two quantum-secure algorithms and demonstrates how formal verification caught bugs that traditional testing would have missed. The post Apple open-sources quantum-resistant encryption code appeared first on CyberScoop.
TeamPCP, the cybercrime group behind later waves of the Shai-Hulud worm, has done significant damage to the open source ecosystem. But it's not necessarily due to skill alone.
Acting director Nick Andersen’s comments came as a wave of malware attacks hit tech that’s publicly available for collaboration. The post CISA chief frets about open-source vulnerabilities, delayed security improvements appeared first on CyberScoop.
GitHub confirmed a data breach this week involving the theft of thousands of developer code repositories. One threat actor — TeamPCP — took credit.
Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) agents
The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessing your email, retrieving records from your CRM, writing and executing code, and taking actions on your behalf across dozens of connected systems. The post Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow appeared first on Microsoft Security Blog.
Another malware wave is washing through open-source software repos, stealing publishing tokens, installing OS‑level backdoors and persisting in developer tools and CI pipelines. The post Mini Shai-Hulud returns, compromising hundreds of npm packages appeared first on CyberScoop.
Open source tool maker Grafana says hackers stole codebase via GitHub breach
A suspected China-linked threat actor targeted the Indian branch of a global manufacturer leveraging an open source offensive toolkit
An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for denial of service and, under certain conditions, remote code execution. [...]
Threat actors have been observed attempting to exploit a recently disclosed security vulnerability in PraisonAI, an open-source multi-agent orchestration framework, within four hours of its public disclosure
A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by an unauthenticated remote attacker to execute arbitrary code. [...]
Latest Mini Shai-Hulud Worm Steals Credentials, Includes Wiper, Now Open SourceA new Shai-Hulud variant has infected multiple npm repositories and jumped to other widely used JavaScript and Python packages. Designed to rapidly propagate, the worm steals over 100 different types of credentials and can wipe systems, including if developers try to delete it.