The Open Source Security Foundation has introduced the Open Source Project Security Baseline (OSPS Baseline), a tiered framework to standardize security practices in open-source projects. Aligning with global regulations, it categorizes requirements into three maturity levels and introduces controls across five domains. Early adopters include GUAC, OpenVEX, and OpenTelemetry, aiming to enhance security and resilience in open-source development.
Multi-Vector Malware Exploiting Outlook API, DNS & ICMP Tunneling for C2
The newly identified malware “Squidoor,” suspected to be created by a Chinese threat actor, is a sophisticated tool targeting sectors such as government, defence, telecommunications,
