Open Source | Breaking Cybersecurity News | The Hacker News

Cybersecurity researchers have discovered a critical vulnerability in the open-source mcp-remote project that could result in the execution of arbitrary operating system (OS) commands. The vulnerability, tracked as CVE-2025-6514 , carries a CVSS score of 9.6 out of 10.0. "The vulnerability allows attackers to trigger arbitrary OS command execution on the machine running mcp-remote when it initiates a connection to an untrusted MCP server, posing a significant risk to users – a full system compromise," Or Peles, JFrog Vulnerability Research Team Leader, said . Mcp-remote is a tool that sprang forth following Anthropic's release of Model Context Protocol (MCP), an open-source framework that standardizes the way large language model (LLM) applications integrate and share data with external data sources and services. It acts as a local proxy, enabling MCP clients like Claude Desktop to communicate with remote MCP servers, as opposed to running them locally on the same...

Cybersecurity researchers have flagged a supply chain attack targeting a Microsoft Visual Studio Code (VS Code) extension called Ethcode that has been installed a little over 6,000 times. The compromise, per ReversingLabs , occurred via a GitHub pull request that was opened by a user named Airez299 on June 17, 2025. First released by 7finney in 2022, Ethcode is a VS Code extension that's used to deploy and execute solidity smart contracts in Ethereum Virtual Machine ( EVM )-based blockchains. An EVM is a decentralized computation engine that's designed to run smart contracts on the Ethereum network. According to the supply chain security company, the GitHub project received its last non-malicious update on September 6, 2024. That changed last month when Airez299 opened a pull request with the message "Modernize codebase with viem integration and testing framework." The user claimed to have added a new testing framework with Mocha integration and contract testin...

The French cybersecurity agency on Tuesday revealed that a number of entities spanning governmental, telecommunications, media, finance, and transport sectors in the country were impacted by a malicious campaign undertaken by a Chinese hacking group by weaponizing several zero-day vulnerabilities in Ivanti Cloud Services Appliance (CSA) devices. The campaign, detected at the beginning of September 2024, has been attributed to a distinct intrusion set codenamed Houken , which is assessed to share some level overlaps with a threat cluster tracked by Google Mandiant under the moniker UNC5174 (aka Uteus or Uetus). "While its operators use zero-day vulnerabilities and a sophisticated rootkit, they also leverage a wide number of open-source tools mostly crafted by Chinese-speaking developers," the French National Agency for the Security of Information Systems (ANSSI) said . "Houken's attack infrastructure is made up of diverse elements -- including commercial VPNs and d...

Cybersecurity researchers have disclosed a critical vulnerability in the Open VSX Registry ("open-vsx[.]org") that, if successfully exploited, could have enabled attackers to take control of the entire Visual Studio Code extensions marketplace, posing a severe supply chain risk. "This vulnerability provides attackers full control over the entire extensions marketplace, and in turn, full control over millions of developer machines," Koi Security researcher Oren Yomtov said . "By exploiting a CI issue a malicious actor could publish malicious updates to every extension on Open VSX." Following responsible disclosure on May 4, 2025, multiple rounds of fixes were proposed by the maintainers, before a final patch was deployed on June 25. Open VSX Registry is an open-source project and alternative to the Visual Studio Marketplace. It's maintained by the Eclipse Foundation. Several code editors like Cursor, Windsurf, Google Cloud Shell Editor, Gitpod, an...

Cybersecurity researchers have uncovered a fresh batch of malicious npm packages linked to the ongoing Contagious Interview operation originating from North Korea. According to Socket , the ongoing supply chain attack involves 35 malicious packages that were uploaded from 24 npm accounts. These packages have been collectively downloaded over 4,000 times. The complete list of the JavaScript libraries is below - react-plaid-sdk sumsub-node-websdk vite-plugin-next-refresh vite-plugin-purify nextjs-insight vite-plugin-svgn node-loggers react-logs reactbootstraps framer-motion-ext serverlog-dispatch mongo-errorlog next-log-patcher vite-plugin-tools pixel-percent test-topdev-logger-v1 test-topdev-logger-v3 server-log-engine logbin-nodejs vite-loader-svg struct-logger flexible-loggers beautiful-plugins chalk-config jsonpacks jsonspecific jsonsecs util-buffers blur-plugins proc-watch node-orm-mongoose prior-config use-videos lucide-node, and router-parse ...

Threat hunters are calling attention to a new variant of a remote access trojan (RAT) called Chaos RAT that has been used in recent attacks targeting Windows and Linux systems. According to findings from Acronis, the malware artifact may have been distributed by tricking victims into downloading a network troubleshooting utility for Linux environments. "Chaos RAT is an open-source RAT written in Golang, offering cross-platform support for both Windows and Linux systems," security researchers Santiago Pontiroli, Gabor Molnar, and Kirill Antonenko said in a report shared with The Hacker News. "Inspired by popular frameworks such as Cobalt Strike and Sliver, Chaos RAT provides an administrative panel where users can build payloads, establish sessions, and control compromised machines." While work on the "remote administration tool" started way back in 2017, it did not attract attention until December 2022 , when it was put to use in a malicious campaig...

Several malicious packages have been uncovered across the npm, Python, and Ruby package repositories that drain funds from cryptocurrency wallets, erase entire codebases after installation, and exfiltrate Telegram API tokens, once again demonstrating the variety of supply chain threats lurking in open-source ecosystems. The findings come from multiple reports published by Checkmarx, ReversingLabs, Safety, and Socket in recent weeks. The list of identified packages across these platforms are listed below - Socket noted that the two malicious gems were published by a threat actor under the aliases Bùi nam, buidanhnam, and si_mobile merely days after Vietnam ordered a nationwide ban on the Telegram messaging app late last month for allegedly not cooperating with the government to tackle illicit activities related to fraud, drug trafficking, and terrorism. "These gems silently exfiltrate all data sent to the Telegram API by redirecting traffic through a command-and-control (C2...

As many as 60 malicious npm packages have been discovered in the package registry with malicious functionality to harvest hostnames, IP addresses, DNS servers, and user directories to a Discord-controlled endpoint. The packages, published under three different accounts, come with an install‑time script that's triggered during npm install, Socket security researcher Kirill Boychenko said in a report published last week. The libraries have been collectively downloaded over 3,000 times. "The script targets Windows, macOS, or Linux systems, and includes basic sandbox‑evasion checks, making every infected workstation or continuous‑integration node a potential source of valuable reconnaissance," the software supply chain security firm said . The names of the three accounts, each of which published 20 packages within an 11-day time period, are listed below. The accounts no longer exist on npm - bbbb335656 cdsfdfafd1232436437, and  sdsds656565 The malicious code, per So...

From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred open-source Web Application Firewall (WAF) on GitHub, with over 16.4K stars and a rapidly growing global user base. This walkthrough covers what SafeLine is, how it works, and why it's becoming the go-to solution over cloud-based WAFs. What is SafeLine WAF? SafeLine is a self-hosted web application firewall that acts as a reverse proxy, filtering and monitoring HTTP/HTTPS traffic to block malicious requests before they reach your backend web applications. Unlike cloud-based WAFs, SafeLine runs entirely on your own servers—giving you unmatched visibility and data sovereignty. Key Features of SafeLine WAF Comprehensive Attack Prevention SafeLine effectively blocks a wide range of common and advanced web attacks, including SQL injection(SQLi), cross-site scripting (XSS), OS co...

Cybersecurity researchers have discovered risky default identity and access management (IAM) roles impacting Amazon Web Services that could open the door for attackers to escalate privileges, manipulate other AWS services, and, in some cases, even fully compromise AWS accounts. "These roles, often created automatically or recommended during setup, grant overly broad permissions, such as full S3 access," Aqua researchers Yakir Kadkoda and Ofek Itach said in an analysis. "These default roles silently introduce attack paths that allow privilege escalation, cross-service access, and even potential account compromise." The cloud security firm said it identified security issues in default IAM roles created by AWS services like SageMaker, Glue, EMR, and Lightsail. A similar flaw has also been unearthed in a popular open-source framework called Ray, which automatically creates a default IAM role (ray-autoscaler-v1) with the AmazonS3FullAccess policy. What's concer...

Cybersecurity researchers have uncovered malicious packages uploaded to the Python Package Index (PyPI) repository that act as checker tools to validate stolen email addresses against TikTok and Instagram APIs. All three packages are no longer available on PyPI. The names of the Python packages are below - checker-SaGaF (2,605 downloads) steinlurks (1,049 downloads) sinnercore (3,300 downloads) "True to its name, checker-SaGaF checks if an email is associated with a TikTok account and an Instagram account," Socket researcher Olivia Brown said in an analysis published last week. Specifically, the package is designed to send HTTP POST requests to TikTok's password recovery API and Instagram's account login endpoints to determine if an email address passed as input is valid, meaning there exists an account holder corresponding to that email address. "Once threat actors have this information, just from an email address, they can threaten to dox or spam, c...

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that purports to be an application related to the Solana blockchain, but contains malicious functionality to steal source code and developer secrets. The package, named solana-token, is no longer available for download from PyPI, but not before it was downloaded 761 times . It was first published to PyPI in early April 2024, albeit with an entirely different version numbering scheme. "When installed, the malicious package attempts to exfiltrate source code and developer secrets from the developer's machine to a hard-coded IP address," ReversingLabs researcher Karlo Zanki said in a report shared with The Hacker News. In particular, the package is designed to copy and exfiltrate the source code contained in all the files in the Python execution stack under the guise of a blockchain function named "register_node()." This unusual behavior suggests that...

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that masquerades as a seemingly harmless Discord-related utility but incorporates a remote access trojan. The package in question is discordpydebug , which was uploaded to PyPI on March 21, 2022. It has been downloaded 11,574 times and continues to be available on the open-source registry. Interestingly, the package has not received any update since then. "At first glance, it appeared to be a simple utility aimed at developers working on Discord bots using the Discord.py library," the Socket Research Team said . "However, the package concealed a fully functional remote access trojan (RAT)." The package, once installed, contacts an external server ("backstabprotection.jamesx123.repl[.]co"), and includes features to read and write arbitrary files based on commands, readfile or writefile, received from the server. The RAT also supports the ability...