Open source security concerns. Cyberespionage, with some catphishing. Spyware in El Salvador.

Dateline Washington: open source security and threats to critical infrastructure.

Open-source software and threats to critical infrastructure. (The CyberWire) Open-source software is vital to the tech industry. The bad actors haven’t overlooked that.

NATO, Russia in a standoff after talks in Brussels (POLITICO) Russian officials refuse to commit to withdraw troops from Ukrainian border as West rejects Moscow’s core security demands.

Russia Conducts Military Drills by Ukraine, Says U.S. Must Ease Tensions (Newsweek) A top Russian lawmaker has said the onus is on Washington to decrease tensions with Moscow as international talks continue about the Kremlin’s build-up of troops by the border with Ukraine.

Federal agencies warn of Russian hackers targeting critical infrastructure (TheHill) Federal agencies are warning about Russian hackers potentially targeting critical infrastructure in the United States.

U.S. Security Agencies Issue Advisory on Russian Cyber Attacks on Infrastructure (Insurance Journal) Federal cybersecurity officials are again warning of Russian cyber attacks and urging critical infrastructure networks in particular to be on alert. The

Russian APTs: Why Stakes Are So High for Healthcare Sector (Gov Info Security) Healthcare and public health sector entities must heed the warnings this week by federal authorities of Russian state-sponsored cyberthreats to critical

As the Russian Threat to Ukraine Grows, U.S. Warns of Cyber Disruption (The Maritime Executive) As the possibility of a Russian attack on Ukraine grows, Americas federal cybersecurity agencies are…

White House hosts open-source software security summit in light of expansive Log4j flaw (CyberScoop) Tech giants and federal agencies will meet at the White House on Thursday to discuss open-source software security, a response to the widespread Log4j vulnerability that’s worrying industry and cyber leaders.

The Open Source Software Security Summit: securing the world’s code together (The GitHub Blog) My colleague Stormy Peters and I are proud to represent GitHub at the White House’s Open Source Software Security Summit.

Attacks, Threats, and Vulnerabilities

Iranian intel cyber suite of malware uses open source…