Tag Archives: open source

Highly invasive backdoor snuck into open source packages targets developers

Highly invasive malware targeting software developers is once again circulating in Trojanized code libraries, with the latest ones downloaded thousands of times in the last eight months, researchers said Wednesday. Since January, eight separate developer tools have contained hidden payloads with various nefarious capabilities, security firm Checkmarx reported. The…

Meta releases open source AI audio tools, AudioCraft

On Wednesday, Meta announced it is open-sourcing AudioCraft, a suite of generative AI tools for creating music and audio from text prompts. With the tools, content creators can input simple text descriptions to generate complex audio landscapes, compose melodies, or even simulate entire virtual orchestras. AudioCraft consists of three core components:…

AlmaLinux says Red Hat source changes won’t kill its RHEL-compatible distro

AlmaLinux lets you build applications that work with Red Hat Enterprise Linux but can’t promise the exact same bug environment. That’s different from how they started, but it’s also a chance to pick a new path forward. I asked benny Vasquez, chair of the AlmaLinux OS Foundation,…

Backdoor in public repository used new form of attack to target big firms

A backdoor that researchers found hiding inside open source code targeting four German companies was the work of a professional penetration tester. The tester was checking clients’ resilience against a new class of attacks that exploits public repositories used by millions of software projects worldwide.…

Sabotage: Code added to popular NPM package wiped files in Russia and Belarus

A developer has been caught adding malicious code to a popular open-source package that wiped files on computers located in Russia and Belarus as part of a protest that has enraged many users and raised concerns about the safety of…

Developer sabotages his own apps, then claims Aaron Swartz was murdered

The developer who sabotaged two of his own open source code libraries, causing disruptions for thousands of apps that used them, has a colorful past that includes embracing a QAnon theory involving Aaron Swartz, the well-known hacktivist and programmer who died by suicide in 2013.…

Zeroday in ubiquitous Log4j tool poses a grave threat to the Internet

Exploit code has been released for a serious code-execution vulnerability in Log4j, an open-source logging utility that’s used in countless apps, including those used by large enterprise organizations, several websites reported last Thursday. Word of the vulnerability first came to light on…

Malicious NPM packages are part of a malware “barrage” hitting repositories

Researchers have found another 17 malicious packages in an open source repository, as the use of such repositories to spread malware continues to flourish. This time, the malicious code was found in NPM, where 11 million developers trade more than 1 million packages among each…

Malware downloaded from PyPI 41,000 times was surprisingly stealthy

PyPI—the open source repository that both large and small organizations use to download code libraries—was hosting 11 malicious packages that were downloaded more than 41,000 times in one of the latest reported such incidents threatening the software supply chain. JFrog, a security firm that monitors…

These parents built a school app. Then the city called the cops

Öppna Skolplattformen hoped to succeed where Skolplattform had failed. Christian Landgren’s patience was running out. Every day the separated father of three was wasting precious time trying to get the City of Stockholm’s official school system, Skolplattform, to work…