#open-source security
6 stories taggedopen-source security.

Three Quick Hits: Canadian Hacker Jailed, Open-Source Flaws Dropped, ATM Jackpotters Sentenced
A week's worth of security stories that deserve a second look — from an Anonymous-linked arrest in Canada to cash-machine criminals facing US prison time.

Twenty-Five Orgs Are Quietly Triaging Open-Source Vulns Before You Hear About Them
A coalition called Athena is building shared infrastructure to find, fix, and harden OSS projects in the window between discovery and public disclosure.

Schema as Weapon: Six Flaws in protobuf.js Open a Path to Remote Code Execution
Cyera researchers found that protobuf.js — pulled into apps 50 million times a week — will, under exploitable conditions, turn schema metadata into running code.

Ten Thousand Bugs, One Model: Inside Anthropic's Project Glasswing
Claude Mythos Preview has scanned more than a thousand open-source projects and surfaced thousands of critical flaws. The bottleneck has moved — and the patch queue is not moving fast enough.

Eight Packagist Projects Hijacked to Pull Linux Payload From GitHub Releases
The injected code lived in package.json, not composer.json, and targeted JavaScript-shipping Composer projects.

Anthropic's Mythos AI Found 23,000 Potential Vulnerabilities Across 1,000 Open-Source Projects — and Counting
The numbers are large. The confirmed critical findings are real. What Anthropic has not yet said publicly is whether any of them were exploited before disclosure.