GitHub

Cynative: Open-source deep research agent

Cynative: Open-source deep research agent 2026-07-13 at 09:00 By Mirko Zorz Running a large language model against a live cloud account to hunt for security holes comes with an obvious hazard. An agent that holds real credentials and a mandate to poke around can delete a bucket, flip a permission, or leak a secret on […]

Cynative: Open-source deep research agent Read More »

Ghost Accounts Abuse GitHub API in Mass Recon Campaign

Ghost Accounts Abuse GitHub API in Mass Recon Campaign 2026-07-11 at 20:30 By Ionut Arghire Multiple campaigns are using ghost accounts to map GitHub organizations, including their repositories and members. The post Ghost Accounts Abuse GitHub API in Mass Recon Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Ghost Accounts Abuse GitHub API in Mass Recon Campaign Read More »

Network of 200 GitHub Repositories Used for Malware Infection

Network of 200 GitHub Repositories Used for Malware Infection 2026-07-10 at 11:00 By Ionut Arghire A Go module is used to load PowerShell code that fetches a resolver from public dead drops to execute Windows malware. The post Network of 200 GitHub Repositories Used for Malware Infection appeared first on SecurityWeek. This article is an

Network of 200 GitHub Repositories Used for Malware Infection Read More »

Your coding agent says no in chat and yes in the code

Your coding agent says no in chat and yes in the code 2026-07-09 at 13:44 By Mirko Zorz Millions of developers share their keyboard with GitHub Copilot. Inside Visual Studio Code, it opens their files, writes and edits code, runs scripts, and reworks its own output across many turns. The safety testing that vets these

Your coding agent says no in chat and yes in the code Read More »

Open-source collaboration is growing worldwide and putting pressure on maintainers

Open-source collaboration is growing worldwide and putting pressure on maintainers 2026-07-09 at 08:10 By Sinisa Markovic Developers are pushing code and opening pull requests across economy borders at a rate GitHub has rarely seen. Outbound collaboration, the sum of git pushes and pull requests sent from developers in one economy to public repositories in another,

Open-source collaboration is growing worldwide and putting pressure on maintainers Read More »

Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection

Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection 2026-07-08 at 13:30 By Ionut Arghire Researchers show how attackers can use a crafted public GitHub Issue to trick AI-powered workflows into exposing data from private repositories without authentication. The post Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection appeared first on SecurityWeek. This article

Critical Vulnerability Exposes GitHub Agentic Workflows to Prompt Injection Read More »

20 open-source cybersecurity tools to keep your team ready for anything

20 open-source cybersecurity tools to keep your team ready for anything 2026-07-08 at 08:30 By Anamarija Pogorelec AI is changing how security teams find vulnerabilities, analyze code, test applications, and protect infrastructure. Developers are building tools to secure AI systems themselves, from coding agents and memory protection to model exposure discovery. This roundup covers recent

20 open-source cybersecurity tools to keep your team ready for anything Read More »

Apple Container: Open-source tool for Linux containers on the Mac

Apple Container: Open-source tool for Linux containers on the Mac 2026-07-07 at 08:00 By Anamarija Pogorelec Developers on Apple silicon Macs have run Linux containers through software built around a single shared virtual machine for years. Apple’s open-source Container project gives each Linux workload its own lightweight virtual machine. Container is written in Swift and

Apple Container: Open-source tool for Linux containers on the Mac Read More »

Omnigent: Open-source AI agent framework and meta-harness

Omnigent: Open-source AI agent framework and meta-harness 2026-07-06 at 08:30 By Sinisa Markovic Plenty of developers now keep several coding agents close at hand, reaching for Claude Code on one task and Codex or Cursor on the next. Each tool arrives with its own command line, its own handling of credentials, and its own way

Omnigent: Open-source AI agent framework and meta-harness Read More »

Flipper Zero firmware development gets a fresh set of community rules

Flipper Zero firmware development gets a fresh set of community rules 2026-07-06 at 07:57 By Sinisa Markovic Owners of the Flipper Zero, the pocket-sized wireless testing tool, spent recent weeks worried that its official firmware had gone quiet. Pavel Zhovner, CEO of Flipper Devices, moved to settle that concern with word that the company has

Flipper Zero firmware development gets a fresh set of community rules Read More »

GitHub’s new tool helps prevent costly open-source license violations

GitHub’s new tool helps prevent costly open-source license violations 2026-07-02 at 07:00 By Anamarija Pogorelec GitHub’s Open Source Program Office (OSPO) uses the new GitHub License Compliance feature, now in public preview, to manage thousands of open-source dependencies and identify dependencies whose licenses require review. The feature is available to GitHub Advanced Security customers and

GitHub’s new tool helps prevent costly open-source license violations Read More »

Nika: Open-source code analysis tool

Nika: Open-source code analysis tool 2026-07-01 at 09:00 By Mirko Zorz Many serious security bugs in web applications sit across several files at once. Request data enters through a controller, moves through data objects and service layers, and turns dangerous only when it reaches a sensitive operation such as a database query or a file

Nika: Open-source code analysis tool Read More »

Vulnerability reports are arriving faster than GitHub can review them

Vulnerability reports are arriving faster than GitHub can review them 2026-06-30 at 08:25 By Anamarija Pogorelec Across the open source world, people are reporting software flaws in record numbers, and the systems built to verify those reports are straining under the weight. The GitHub Advisory Database, which feeds automated security alerts to millions of projects,

Vulnerability reports are arriving faster than GitHub can review them Read More »

Hottest cybersecurity open-source tools of the month: June 2026

Hottest cybersecurity open-source tools of the month: June 2026 2026-06-30 at 08:00 By Anamarija Pogorelec Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. OWASP Agent Memory Guard: Stop AI agents from being weaponized through their own memory AI

Hottest cybersecurity open-source tools of the month: June 2026 Read More »

DarkMoon: Open-source AI pentesting platform

DarkMoon: Open-source AI pentesting platform 2026-06-29 at 08:30 By Mirko Zorz Penetration testing has long run on expert time, with specialists spending days probing a network or web application by hand. Manual engagements stretch across weeks, expert consultants run into thousands of dollars a day, and results vary with the tester. Automation promises to narrow

DarkMoon: Open-source AI pentesting platform Read More »

Modelplane: Open-source control plane for AI inference

Modelplane: Open-source control plane for AI inference 2026-06-26 at 07:30 By Anamarija Pogorelec Organizations that run open-weight models on hardware they own operate GPU fleets spread across clouds, neoclouds, and on-premise data centers. Each fleet handles model placement, replica scaling, infrastructure provisioning, weight distribution, and traffic routing. Teams have built this coordination layer by hand,

Modelplane: Open-source control plane for AI inference Read More »

Agent Beacon: Open-source telemetry layer for AI agents

Agent Beacon: Open-source telemetry layer for AI agents 2026-06-22 at 08:30 By Mirko Zorz AI coding agents such as Claude Code, Codex CLI, Cursor, and Claude Cowork run on developer laptops, CI jobs, cloud environments, where they edit files, run commands, and call outside tools. Beacon, an open-source project from Asymptote Labs, configures telemetry for

Agent Beacon: Open-source telemetry layer for AI agents Read More »

GitHub releases an open dataset for multilingual developer content

GitHub releases an open dataset for multilingual developer content 2026-06-16 at 09:55 By Anamarija Pogorelec Developers coordinate code across README files, issue threads, and pull request discussions. Much of that exchange happens in English, and a large share happens in other languages. GitHub has released a dataset built to help researchers and developers locate public

GitHub releases an open dataset for multilingual developer content Read More »

Open-source CI/CD abuse detector guards against stolen credential attacks

Open-source CI/CD abuse detector guards against stolen credential attacks 2026-06-15 at 08:30 By Sinisa Markovic CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure

Open-source CI/CD abuse detector guards against stolen credential attacks Read More »

NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks

NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks 2026-06-13 at 18:52 By Ionut Arghire By default, npm install will no longer execute scripts from dependencies, unless explicitly allowed. The post NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks appeared first on SecurityWeek. This article is an excerpt

NPM 12 Will Change Script Execution Behavior to Prevent Supply Chain Attacks Read More »

Scroll to Top