Nextgov

North Korea-linked hackers suspected in Axios open-source hijack, Google analysts say

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will ...

Hacker hijacks Axios open-source project, used by millions, to push malware

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...
Wired

Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US

Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...
The Next Web

Hackers breached the European Commission by poisoning the security tool it used to protect itself

CERT-EU attributed a 92 GB data breach at the European Commission to TeamPCP, which compromised the Trivy security scanner in ...
Hosted on MSN

Wild supply-chain hack hits popular open-source coding app tied to China

A quiet compromise of a popular open-source coding editor has turned into one of the most unsettling software supply-chain stories of the year. Attackers silently hijacked the infrastructure behind ...
Dark Reading

China-Backed Threat Actor 'UNC5174' Using Open Source Tools in Stealthy Attacks

A state-backed Chinese threat actor known as "UNC5174" is using stealthy techniques and open source software to attack its victims. Cloud security vendor Sysdig published research today regarding ...
Bleeping Computer

Zeroday Cloud hacking contest offers $4.5 million in bounties

A new hacking competition called Zeroday Cloud, focused on open-source cloud and AI tools, announced a total prize pool of $4.5 million in bug bounties for researchers that submit exploits for various ...