Dark Reading

Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects

A pair of security vulnerabilities discovered in the GitHub environments of two very popular open source projects from Apache and Google could be used to stealthily modify project source code, steal ...
Nextgov

Half of critical open source projects contain memory-unsafe code, U.S. cyber agency says

Over half of critical open source tools are underpinned by code that does not internally manage memory spillover risks, opening them up to potential exploitation by hackers, according to findings ...
ZDNet

Microsoft to developers: These are our biggest and best open-source projects

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...
Bleeping Computer

Lapsus$ hackers leak 37GB of Microsoft's alleged source code

The Lapsus$ hacking group claims to have leaked the source code for Bing, Cortana, and other projects stolen from Microsoft's internal Azure DevOps server. Early Sunday morning, the Lapsus$ gang ...
Bleeping Computer

CISA: Most critical open source projects not using memory safe code

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published research looking into 172 key open-source projects and whether they are susceptible to memory flaws. The report, cosigned ...
InfoWorld

16 open source projects transforming AI and machine learning

From fine-tuning open source models to building agentic frameworks on top of them, the open source world is ripe with projects that support AI development. For several decades now, the most innovative ...
Threat Post

Microsoft: Lapsus$ Used Employee Account to Steal Source Code

The data-extortion gang got at Microsoft’s Azure DevOps server. Meanwhile, fellow Lapsus$ victim and authentication firm Okta said 2.5 percent of customers were affected in its own Lapsus$ attack. In ...