Don't download software from SourceForge
Many open-source programs are still available for download from SourceForge, as the open-source license means SourceForge is allowed to host them. But many developers are advising everyone not to download from SourceForge.
Nmap's developer recently sounded the alarm, saying that the nmap files on SourceForge weren't provided by the official project. "So far they seem to be providing just the official Nmap files (as long as you don't click on the fake download buttons) and we haven't caught them trojaning Nmap the way they did with GIMP," he wrote. "But we certainly don't trust them one bit!"
SourceForge appears to have removed nmap from their site, as per the developer's wishes. But there are still many open-source programs available for download on SourceForge. My recommendation? Download them from the open-source project's official website and avoid SourceForge.
Sign up for CIO Asia eNewsletters.