ZDNet

Free, easy to use, and available to anyone: The powerful malware hiding in plain sight on the open web

When people hear about a cyber attack or hacking campaign, they may picture a well-oiled machine that's taken time, skills and resources to build. They imagine underground forums on the dark web, ...
CSOonline

GitHub hit by a sophisticated malware campaign as ‘Banana Squad’ mimics popular repos

Attackers use typo-squatting, obfuscation, and fake accounts to slip Python-based malware into open-source projects, raising fresh alarms for OSS supply chain security. A threat group dubbed “Banana ...
ZDNet

GitHub suspends member over 'mass-assignment' hack

A GitHub member was briefly suspended on Sunday after he exploited a vulnerability in the code repository's systems without first telling GitHub he was going to do so. Egor Homakov's hack caused ...
Dark Reading

Toyota Builds Open-Source Car-Hacking Tool

BLACK HAT EUROPE 2018 – London – A Toyota security researcher on his flight from Japan here to London carried on-board a portable steel attaché case that houses the carmaker's new vehicle ...
Wired

GitHub Takes Aim at Open Source Software Vulnerabilities

Open source software has the potential to be very secure. Unlike proprietary code that can only be accessed directly by its own developers, anyone can vet open source projects to spot flaws and bugs.