This year’s Equifax breach was a reminder that open source software and components pose a giant risk to enterprise security despite their many benefits, especially when not properly maintained.
In April, researchers at Flashpoint Intelligence said criminals were using brute-force password attacks against the popular open source Magento ecommerce platform, leveraging the compromised access to scrape credit card records and install malware focused on cryptocurrency mining.
The researchers discovered at least 1,000 compromised Magento admin panels and said interest in the platform on the deep web and dark web has continued unabated since 2016. There is also noted interest in Powerfront CMS and OpenCart.
Open source code has grown in popularity over the years and is used by companies of all sizes, in all industry verticals.