Password manager utility KeePass has had to defend its reputation following the discovery of a potential vulnerability that could expose users’ secret data. However, the company states the issue only arises if an attacker already controls a compromised account. Additionally, the OpenSSL project has released patches to address a variety of vulnerabilities, including a high-impact flaw. In related news, a system administrator on Reddit was the victim of a phishing attack, which gave the attackers access to some internal documents and code.

Sonatype reports rise in open source malware to 17,954
The 1Q 2025 Open Source Malware Index from Sonatype revealed that open source malware packages doubled compared to the same period last year, with 56%