Skip to main content

SourceForge accused of hijacking Nmap project account

Open source software download site SourceForge has come under criticism again, this time for allegedly taking over the account of the Nmap security auditing software, according to its developer in an email to users.

The news comes days after SourceForge was accused of “hijacking” the account of image editing program, GIMP and bundling it in a downloader with adware. According to a report from Ars Technica, SourceForge has been assuming control of pages that are inactive.

Recommended Videos

“The old Nmap project page is now blank,” said Nmap’s developer Gordon “Fyodor” Lyon, who posted on Seclists after making the discovery. He claims that SourceForge, which is owned by Slashdot Media, has moved all of Nmap’s content to a new page that only SourceForge has control of.

“So far they seem to be providing just the official Nmap files (as long as you don’t click on the fake download buttons) and we haven’t caught them trojaning Nmap the way they did with GIMP,” he said. “But we certainly don’t trust them one bit!”

Lyon added that he will ask Sourceforge to remove the new page and directed users to the official Nmap website for downloading the program.

In response, SourceForge’s senior director of business development Roberto Galoppini stated that it has never modified the Nmap project at all.

“We find no indication that the “nmap” project has ever contained files, delivered any downloads, or had any changes made aside from the automated migration from our old SourceForge platform to the new platform which is powered by Apache Allura,” he wrote in a reply to Ars Technica’s queries.

“At the end of 2011, we established a SourceForge-hosted mirror of the nmap software, using verbatim copies of nmap’s releases, and have continued to keep that mirror up-to-date since.”

Earlier this week, SourceForge also published a blog stating that from now on any third party offers for un-maintained SourceForge projects will be opt-in only. This was in response to bundling ads with GIMP.

The code repository was sharply criticized for its practice when it was revealed that the Windows version of GIMP was archived on a SourceForge mirror site and loaded with third party ads, or adware. Sourceforge had done so as the GIMP page on its site had been left unmaintained with the program now usually downloaded elsewhere.

Jonathan Keane
Former Digital Trends Contributor
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
SanDisk’s latest drive sets new benchmark for consumer NVMe SSDs
The SanDisk WD Black SN8100 PCIe Gen 5 SSD with and without heatsink variants

SanDisk has officially introduced the WD Black SN8100, its latest high-end PCIe Gen 5 NVMe SSD targeting PC enthusiasts, gamers, and professional users. With sequential read speeds of up to 14,900 MB/s and write speeds of 14,000 MB/s, the drive sets a new bar for consumer SSD performance, surpassing some of the best NVMe SSDs currently on the market, including the Crucial T705. 

The SN8100 uses a standard M.2 2280 form factor and is available in capacities of 1TB, 2TB, 4TB, and 8TB. It’s worth noting that the 1TB model offers lower write speeds, up to 11,000 MB/s, compared to the higher-capacity versions, which reach up to 14,000 MB/s. 

Read more
Pairing the RTX 5090 with a CPU from 2006? Nvidia said ‘hold my beer’
RTX 5090.

Nvidia's best graphics cards are often paired with expensive CPUs, but what if you want to try a completely mismatched, retro configuration? Well, that used to be impossible due to driver issues. But, for whatever reason, Nvidia has just removed the instruction that prevented you from doing so, opening the door to some fun, albeit nonsensical, CPU and GPU combinations.

The instruction in question is called POPCNT (Population Count), and this is a CPU instruction that also prevents Windows 11 from being installed on older hardware. Its job is counting how many bits are present in a binary number. However, as spotted by TheBobPony on X (Twitter), POPCNT will not be a problem for Nvidia's latest graphics cards anymore.

Read more
AMD’s upcoming CPU could offer bonkers gaming performance
A fake and real AMD Ryzen 7 9800X3D side by side.

AMD's Zen 5 architecture has been a popular choice for gamers due to its outstanding performance and 3D V-Cache capacity, and now a leak suggests Zen 7 could double down on that through a new "3D Core." According to YouTuber Moore's Law is Dead, "[AMD] is moving toward a lot of official variants."

AMD reportedly plans to launch a single overall architecture, divided into different product categories, including the expected lineup: Classic Cores, Dense Cores, Efficiency Cores, and Low-Power Cores. The 3D Core is the latest addition, and it is said to "require full cache chiplets" that "seem to be leading to profound performance increases."

Read more