Debunking myths about open-source security

In this Help Net Security interview, Stephanie Domas, CISO at Canonical, discusses common misconceptions about open-source security and how the community can work to dispel them. She explains how open-source solutions, contrary to myths, offer enterpri…

Attackers are hijacking Jupyter notebooks to host illegal Champions League streams

A cybersecurity firm caught online content pirates hosting soccer matches on Jupyter notebooks, which are normally reserved for data analysis.

The post Attackers are hijacking Jupyter notebooks to host illegal Champions League streams appeared first on CyberScoop.


Crimeware and financial cyberthreats in 2025

Kaspersky’s GReAT looks back on the 2024 predictions about financial and crimeware threats, and explores potential cybercrime trends for 2025.

North Korean-linked hackers were caught experimenting with new macOS malware

Researchers can’t tell if the malware was used in a campaign, or North Korean operatives were caught before they could deploy it in the wild.

The post North Korean-linked hackers were caught experimenting with new macOS malware appeared first on CyberScoop.


AI Industry is Trying to Subvert the Definition of “Open Source AI”

The Open Source Initiative has published (news article here) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms. It allows for development to be done in secret. Since for a neural network, the training data is the source code—it’s how the model gets programmed—the definition makes no sense.

And it’s confusing; most “open source” AI models—like LLAMA—are open source in name only. But the OSI seems to have been co-opted by industry players that want both corporate secrecy and the “open source” label. (Here’s one …


Am I Isolated: Open-source container security benchmark

Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The Rust-based container runtime scanner runs as a container, detecting gaps in users’ container runtime isola…

Osmedeus: Open-source workflow engine for offensive security

Osmedeus is an open-source workflow engine designed for offensive security. It serves as a versatile foundation, enabling users to easily create customized reconnaissance systems and scale them across extensive target lists. Osmedeus key features Speed…

Open-source software: A first attempt at organization after CRA

The open-source software (OSS) industry is developing the core software for the global infrastructure, to the point that even some proprietary software giants adopt Linux servers for their cloud services. Still, it has never been able to get organized …