I found this the following article from PCWorld online regarding security vulnerabilities in Open Source projects. I strongly commend this to you all for your own information and the protection of your projects and users.
Note that all projects mentioned from SourceForge in that article were contacted by the researcher who found the issues and also engaged CERT/CC from Carnegie Mellon University. I also directly reached out to them this morning.
Daniel Hinojosa – SourceForge Community Manager