Open Source
CISA open-sources Thorium platform for malware, forensic analysis
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) today announced the public availability of Thorium, an open-source platform for malware and forensic analysts across the government, public, and private sectors. Thorium was developed in partnership with Sandia National Laboratories as a scalable cybersecurity suite that automates many tasks involved in cyberattack investigations, and can schedule over 1,700 jobs […]
npm ‘accidentally’ removes Stylus package, breaks builds and pipelines
npm has taken down all versions of the real Stylus library and replaced them with a “security holding” page, breaking pipelines and builds worldwide that rely on the package. A security placeholder webpage is typically displayed when malicious packages and libraries are removed by the admins of npmjs.com, the world’s largest software registry primarily used for JavaScript and Node.js development. But that […]
Popular npm linter packages hijacked via phishing to drop malware
Popular JavaScript libraries were hijacked this week and turned into malware droppers, in a supply chain attack achieved via targeted phishing and credential theft. The npm package eslint-config-prettier, downloaded over 30 million times weekly, was compromised after its maintainer fell victim to a phishing attack. Other packages, namely eslint-plugin-prettier, synckit, @pkgr/core, and napi-postinstall from the same maintainer, were also targeted. The attacker(s) used stolen […]
North Korean XORIndex malware hidden in 67 malicious npm packages
North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new malware loader called XORIndex to developer systems. The packages collectively count more than 17,000 downloads and were discovered by researchers at package security platform Socket, who assess them to be part of the continued Contagious Interview operation. Socket researchers […]
Microsoft open-sources VS Code Copilot Chat extension on GitHub
Microsoft has released the source code for the GitHub Copilot Chat extension for VS Code under the MIT license. This provides the community access to the full implementation of the chat-based coding assistant, including the implementation of “agent mode,” what contextual data is sent to large language models (LLMs), and the design of system prompts. The GitHub repository […]
Cloudflare open-sources Orange Meets with End-to-End encryption
Cloudflare has implemented end-to-end encryption (E2EE) to its video calling app Orange Meets and open-sourced the solution for transparency. The application has been available since last year when the internet giant launched it as a demo for Cloudflare Calls (now Realtime). With the introduction of E2EE and the resolution of various trust and verification issues, users interested in […]
Google Cloud donates A2A AI protocol to the Linux Foundation
Google Cloud has donated its Agent2Agent (A2A) protocol to the Linux Foundation, which has now announced a new community-driven project called the Agent2Agent Project. A2A was originally developed by Google Cloud as a protocol specification, SDK, and tooling set that made communication between AI agents possible. The protocol allows AI agents from different vendors to […]
Fog ransomware attack uses unusual mix of legitimate and open-source tools
Fog ransomware hackers are using an uncommon toolset, which includes open-source pentesting utilities and a legitimate employee monitoring software called Syteca. The Fog ransomware operation was first observed last year in May leveraging compromised VPN credentials to access victims’ networks. Post-compromise, they used “pass-the-hash” attacks to gain admin privileges, disabled Windows Defender, and encrypted all files, including virtual machine storage. […]
Brave’s Cookiecrumbler tool taps community to help block cookie notices
Brave has open-sourceed a new tool called “Cookiecrumbler,” which uses large language models (LLMs) to detect cookie consent notices and then community-driven reviews to block those that won’t break site functionality. The Brave browser has been blocking cookie consent banners by default on all websites since 2022 but found that blocking consent banners may cause website problems that […]
Recent GitHub supply chain attack traced to leaked SpotBugs token
A cascading supply chain attack on GitHub that targeted Coinbase in March has now been traced back to a single token stolen from a SpotBugs workflow, which allowed a threat actor to compromise multiple GitHub projects. The popular static analysis tool SpotBugs was breached in November 2024, leading to the compromise of Reviewdog, which subsequently […]