Featured Article

Top 10 open source projects hit by HTTP/2 'Rapid Reset' zero-day

By Ax Sharma on October 12, 2023 vulnerability

Discover ten open source packages affected by the HTTP/2 Rapid Reset vulnerability, disclosed by Cloudflare this week

Gitpaste-12: A dozen exploits that silently lived on GitHub, attacked Linux servers

By Ax Sharma on November 08, 2020 github

5 minute read time

Gitpaste-12, a worming botnet, is extremely versatile in its advanced capabilities as it leverages trustworthy sites like GitHub and Pastebin to host itself.

Read More...

Octopus Scanner Compromises 26 OSS Projects on GitHub

By Brian Fox on May 31, 2020 #OSSsecurity

3 minute read time

The Octopus Scanner malware compromised 26 open source projects hosted on GitHub in a new form of software supply chain attack targeting NetBeans projects.

Read More...

Top 10 open source projects hit by HTTP/2 'Rapid Reset' zero-day

Gitpaste-12: A dozen exploits that silently lived on GitHub, attacked Linux servers

Octopus Scanner Compromises 26 OSS Projects on GitHub

Secure your software supply chain

Subscribe for all the latest software security news and events