lemmydev2

There’s been a notable shift in the types of threats targeting software developers, with a total of 17,954 open source malware packages identified in Q1 2025, according to Sonatype. Quarterly breakdown (Source: Sonatype) The Q1 figure represents a significant decrease from the more than 34,000 malicious packages discovered last quarter, largely due to a sharp drop in security holdings packages. However, compared to the same period last year, the overall malware count more than doubled. … More → The post Open-source malware doubles, data exfiltration attacks dominate appeared first on Help Net Security.

In 56% of Sophos managed detection and response (MDR) and incident response (IR) cases, attackers gained initial access to networks by exploiting external remote services, including edge devices such as firewalls and VPNs, and by leveraging valid accounts. Compromised credentials remain the top cause of attacks The combination of external remote services and valid accounts aligns with the top root causes of attacks. For the second year in row, compromised credentials were the number one … More → The post Cybercriminals exfiltrate data in just three days appeared first on Help Net Security.

Microsoft recently shared the discovery of several critical vulnerabilities in open-source bootloaders, notably GRUB2 . These findings are particularly significant for us Linux security admins, who must now address these newly identified risks to ensure robust boot security on their systems.

"I would log in and I couldn’t see my children but I could see a kid in California. I refreshed and would see a different child.”

Automated AI bots seeking training data threaten Wikipedia project stability, foundation says.

Microsoft has announced that hotpatch updates are now available for business customers using Windows 11 Enterprise 24H2 on x64 (AMD/Intel) systems, starting today. [...]

First 27 satellites.

A survey by Naoris Protocol highlights growing concerns among IT leaders over cybersecurity vulnerabilities, indicating that a shift may be needed toward decentralized infrastructure for resilience and security, ComputerWeekly reports.

The Wikimedia Foundation, the umbrella organization of Wikipedia and a dozen or so other crowdsourced knowledge projects, said on Wednesday that bandwidth consumption for multimedia downloads from Wikimedia Commons has surged by 50% since January 2024. The reason, the outfit wrote in a blog post Tuesday, isn’t due to growing demand from knowledge-thirsty humans, but […]

A generative AI nudify service has been found storing explicit deepfakes in an unprotected cloud database.

A Y Combinator partner proudly launched an AI recipe app that told people how to make “Actual Cocaine” and a “Uranium Bomb.”

​North Korea's IT workers have expanded operations beyond the United States and are now increasingly targeting organizations across Europe. [...]