Hacker hijacks Axios open-source project, used by millions, to push malware

A hacker inserted malware in Axios, an open-source web tool downloaded tens of millions of times weekly, in a widespread hack ...

Endor Labs Finds Malware in Open Source Ecosystems Surges 14x in Two Years as Organizations Struggle to Respond

Malware in open source software is no longer a fringe threat--it's accelerating at an unprecedented rate. In 2025 alone, more than ...
diginomica

OpenSSF's CRob on why open source security is still a people problem - and why AI is making it worse before it makes it better

Four years after Log4Shell, 14% of affected artifacts are still being downloaded in vulnerable versions. OpenSSF's Chief ...

Hopper Launches SUPPLYSHIELD(TM): A Secure Open Source Supply Layer Delivering Zero-CVE, Malware-Free Components Through a Trusted Registry

SUPPLYSHIELD combines large-scale AI systems with human validation to maintain secure versions of libraries across the full dependency tree. When new vulnerabilities are disclosed, the platform ...

Trusting AI is dangerous. It’s time for an open-source revival

PCWorld explores how AI’s rise makes open-source software essential for security, as closed-source code can hide malicious ...
Security Info Watch

Vigil Launches as Open-Source AI SOC to Empower Security Teams

Vigil launches as the first open-source AI SOC to empower enterprises with transparent, extensible workflows and advanced reasoning model intelligence.

Malware in an open-source project could have infected thousands. The twist? It was certified by Delve

The malware from a LiteLLM project was bad, but the optics stemming from Delve’s involvement are worse.

Self-propagating malware poisons open source software and wipes Iran-based machines

A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before ...
Futurism on MSN

OpenClaw Bots Are a Security Disaster

"I wasn’t expecting that things would break so fast." The post OpenClaw Bots Are a Security Disaster appeared first on ...
Seeking Alpha

Lakera Launches Open-Source Security Benchmark for LLM Backends in AI Agents

SAN FRANCISCO & ZURICH--(BUSINESS WIRE)-- Check Point Software Technologies Ltd. (CHKP), a pioneer and global leader of cyber security solutions, and Lakera, a world leading AI-native security ...
The Hacker News

The State of Trusted Open Source Report

Compliance continues to drive adoption of trusted open source: We saw the same themes from December present here, underscored ...