Open Source Ecosystem

Linux Vendors Squawk: PATCH NOW — CVSS 9.8 Bootkit Bug in shim.efi
Richi Jennings | BIOS, CVE-2023-40547, Enterprise Linux and Open Source, Linux, open source, Open Source and Software Supply Chain Risks, open source code, Open Source Community, open source components, open source development, Open Source Ecosystem, SB Blogwatch, secure boot, shim, UEFI, UEFI Failing, UEFI vulnerabilities
Snow joke: A Microsoft researcher found it—and it’s somehow Microsoft’s fault ...
Security Boulevard
Alert: NuGet Package SeroXen RAT Threat to .NET Developers
Wajahat Raja | .net development, Cross Platform Development, Cybersecurity Best Practices, Cybersecurity News, cybersecurity threats, Deceptive Packages, Developer Security, malicious packages, NuGet Package, Open Source Ecosystem, Security Vulnerabilities, SeroXen RAT, Software Supply Chains, supply chain security
In a recent security issue, a deceptive NuGet package threatens .NET developers with the deployment of the SeroXen RAT, a harmful remote access trojan. Because the .NET framework is no longer limited ...
Supply Chain Attack Inception
There are many forms of supply chain attacks – repository hacking, developer-initiated attacks, library tampering, domain hijacking, the list goes on – but an attack where the malware deliberately looks for ...