Report: Commercial Software Just as Vulnerable as Open Source - DevOps.com
Briefly

An analysis by ReversingLabs indicates that commercial software is plagued with security vulnerabilities similar to those found in open-source code. Scans of various commercial software binaries, including VPNs and web browsers, exposed critical flaws, inadequate hardening, and compromised secrets. Likewise, open-source packages also show concerning security metrics. Notably, vulnerabilities have increased, with many critical flaws discovered in popular repositories. The report emphasizes a 12% increase in exposed development secrets and highlights new, sophisticated attack methods like 'nullifAI', underscoring the urgent need for secure practices in all software development environments.
Commercial software and open source code both exhibit significant vulnerabilities, with serious risks identified in widely used applications that warrant attention from developers and security teams.
Scans revealed that numerous commercial software binaries received failing security grades due to exposed secrets, tampering evidence, and lack of application hardening.
The increase in vulnerabilities in open-source packages, alongside the rise in exposed development secrets, highlights the need for stronger security practices in both commercial and open-source environments.
The emergence of advanced exploitation techniques like 'nullifAI' signifies the growing complexity of threats faced by both open-source and commercial software, necessitating ongoing vigilance.
Read at DevOps.com