Ars Technica

Self-propagating malware poisons open source software and wipes Iran-based machines

A new hacking group has been rampaging the Internet in a persistent campaign that spreads a self-propagating and never-before-seen backdoor—and curiously a data wiper that targets Iranian machines.
Infosecurity-magazine.com

Researchers Uncover 454,000+ Malicious Open Source Packages

Security researchers have warned that the open source ecosystem has become a “structural risk,” after revealing another surge in malicious packages last year. Sonatype said in its 2026 State of the ...

Open source is collapsing under AI-powered threats | Cal.com

AI has upended the foundation of open source security, and commercial open source applications must close their code to protect sensitive data.
Diginomica

Open source maintainers are drowning in AI-generated security noise - $12.5 million is being deployed to throw them a lifeline

AI is burying open source maintainers under a flood of automated security reports they don't have the time or tools to process. The Linux Foundation's $12.5 million coalition funding aims to fix that ...
VentureBeat

OpenClaw proves agentic AI works. It also proves your security model doesn't. 180,000 developers just made that your problem.

OpenClaw, the open-source AI assistant formerly known as Clawdbot and then Moltbot, crossed 180,000 GitHub stars and drew 2 million visitors in a single week, according to creator Peter Steinberger.
9to5Mac

Security Bite: X going open-source is bad news for anonymous alt accounts

9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to ...