SEARCH
Archive
Alpha-Omega Project Aims to Secure Open Source Ecosystem
The new Alpha-Omega Project from the Open Source Security Foundation will offer technical and financial assistance to open source maintainers to help them find and fix security flaws.
Failed Attacks Target SolarWinds Serv-U Bug in Log4Shell Campaigns
Microsoft researchers observed attackers exploiting the Log4Shell bug in the SolarWinds Serv-U software.
Tech Leaders, Federal Officials Seek a Way Forward for Open Source Security
White House officials and leaders from Apple, Google, GitHub, and other companies met to discuss ways to improve the security of open source projects critical to national security.
APT35 Executes PowerShell-Based Malware in Log4j Flaw Attacks
The Iran-linked threat actor is exploiting the infamous Log4j bug in order to execute a new PowerShell data exfiltration toolkit.
China-Based Actors Using Log4Shell Bug for Ransomware Deployment
Threat actors known as DEV-0401 based in China are exploiting the Log4Shell vulnerability to deploy the NightSky ransomware.