News

Jaw-dropping security flaws found in open source code could allow hackers to spirit away entire projects - here's what devs need to know
Sysdig exposed how a trusted GitHub feature can silently hand control to attackers pull_request_target isn’t just risky, it’s ...
CoinDesk2d
Iran's Nobitex Source Code Exposed Day After Hackers Steal Tokens Across Bitcoin, EVM, Ripple Networks
The pro-Israel group Gonjeshke Darande follows through on its threats, publishing the full exchange code and security files, ...
SecurityWeek1d
FreeType Zero-Day Found by Meta Exploited in Paragon Spyware Attacks
WhatsApp told SecurityWeek that it linked the exploited FreeType vulnerability CVE-2025-27363 to a Paragon exploit.
Bleeping Computer2y
Latest Code Execution news
A memory corruption vulnerability in the open-source libcue library can let attackers execute arbitrary code on GNOME Linux systems. Trend Micro fixed a remote code execution zero-day ...
Bleeping Computer5mon
Over 660,000 Rsync servers exposed to code execution attacks
including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers. Rsync is an open-source file synchronization and data transferring tool valued for its ability ...
SecurityWeek12d
Mirai Botnets Exploiting Wazuh Security Platform Vulnerability
CVE-2025-24016, a critical remote code execution vulnerability affecting Wazuh servers, has been exploited by Mirai botnets.
CSO Online10d
Mirai botnet weaponizes PoC to exploit Wazuh open-source XDR flaw
Popular for monitoring Docker containers, Wazuh is being exploited by two Mirai botnet variants — one of which aligns closely ...
CSOonline2y
At least one open source vulnerability found in 84% of code bases: Report
or are classified as remote code execution vulnerabilities. The vulnerability data — along with information on open source license compliance — was included in Synopsys’ 2023 Open Source ...