39 Million Secrets Leaked on GitHub in 2024 2025-04-03 at 14:01 By Ionut Arghire GitHub has announced new capabilities to help organizations and developers keep secrets in their code protected. The post 39 Million Secrets Leaked on GitHub in 2024 appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React […]
React to this headline:
39 Million Secrets Leaked on GitHub in 2024 Read More »
BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework 2025-04-02 at 07:35 By Mirko Zorz BlueToolkit is an open-source tool that helps find security flaws in Bluetooth Classic devices. It runs known and custom exploits to test if a device is vulnerable. Right now, it includes 43 different exploits. Some are public, and others were made specifically
React to this headline:
BlueToolkit: Open-source Bluetooth Classic vulnerability testing framework Read More »
Exegol: Open-source hacking environment 2025-03-31 at 08:02 By Mirko Zorz Exegol is a community-driven hacking environment, which helps users deploy hacking setups quickly and securely. It’s made for penetration testers, CTF players, bug bounty hunters, researchers, defenders, and both new and experienced users. Exegol offers clean, secure environments. Each project can have its own Docker
React to this headline:
Exegol: Open-source hacking environment Read More »
Cloudflare open sources OPKSSH to bring Single Sign-On to SSH 2025-03-28 at 13:31 By Help Net Security OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access. By tightly integrating with identity providers (IdPs) and
React to this headline:
Cloudflare open sources OPKSSH to bring Single Sign-On to SSH Read More »
Hottest cybersecurity open-source tools of the month: March 2025 2025-03-27 at 07:01 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Hetty: Open-source HTTP toolkit for security research Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative
React to this headline:
Hottest cybersecurity open-source tools of the month: March 2025 Read More »
Malwoverview: First response tool for threat hunting 2025-03-26 at 07:32 By Mirko Zorz Malwoverview is an open-source threat hunting tool designed for the initial triage of malware samples, URLs, IP addresses, domains, malware families, IOCs, and hashes. “Malwoverview is simple and direct, integrating multiple public sandboxes to retrieve and display only relevant information. It enables
React to this headline:
Malwoverview: First response tool for threat hunting Read More »
Finders Keypers: Open-source AWS KMS key usage finder 2025-03-24 at 07:32 By Mirko Zorz Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases include: Identifying the blast radius of specific KMS keys and the
React to this headline:
Finders Keypers: Open-source AWS KMS key usage finder Read More »
Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed 2025-03-21 at 12:17 By Eduard Kovacs More details have come to light on the recent supply chain attack targeting GitHub Actions, including its root cause. The post Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed appeared first on SecurityWeek. This article is an
React to this headline:
Impact, Root Cause of GitHub Actions Supply Chain Hack Revealed Read More »
70% of leaked secrets remain active two years later 2025-03-20 at 07:01 By Help Net Security Long-lived plaintext credentials have been involved in most breaches over the last several years, according to GitGuardian. When valid credentials, such as API keys, passwords, and authentication tokens, leak, attackers at any skill level can gain initial access or
React to this headline:
70% of leaked secrets remain active two years later Read More »
Dependency-Check: Open-source Software Composition Analysis (SCA) tool 2025-03-19 at 07:47 By Help Net Security Dependency-Check is an open-source Software Composition Analysis (SCA) tool to identify publicly disclosed vulnerabilities within a project’s dependencies. The tool analyzes dependencies for Common Platform Enumeration (CPE) identifiers. When a match is found, the tool generates a report with links to
React to this headline:
Dependency-Check: Open-source Software Composition Analysis (SCA) tool Read More »
GitHub project maintainers targeted with fake security alert 2025-03-17 at 12:52 By Zeljka Zorz A phishing campaign targeting GitHub account owners has been trying to scare them with a fake security alert into allowing a malicious OAuth app access to their account and repositories. The fake security alert from GitHub GitHub users have taken to
React to this headline:
GitHub project maintainers targeted with fake security alert Read More »
Popular GitHub Action Targeted in Supply Chain Attack 2025-03-17 at 12:04 By Eduard Kovacs The tj-actions/changed-files GitHub Action, which is used in 23,000 repositories, has been targeted in a supply chain attack. The post Popular GitHub Action Targeted in Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original
React to this headline:
Popular GitHub Action Targeted in Supply Chain Attack Read More »
IntelMQ: Open-source tool for collecting and processing security feeds 2025-03-17 at 07:02 By Mirko Zorz IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of security feeds using a message queuing protocol. “Originally designed for CSIRTs and later adopted by SOCs,
React to this headline:
IntelMQ: Open-source tool for collecting and processing security feeds Read More »
NetBird: Open-source network security 2025-03-12 at 08:03 By Help Net Security NetBird is an open-source solution that integrates a configuration-free peer-to-peer private network with centralized access control, providing a single platform to build secure private networks for your organization or home. NetBird features NetBird creates a WireGuard-based overlay network that automatically connects your machines over
React to this headline:
NetBird: Open-source network security Read More »
Hetty: Open-source HTTP toolkit for security research 2025-03-10 at 08:17 By Help Net Security Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration testers, security professionals, and bug bounty hunters in mind, Hetty provides a set of
React to this headline:
Hetty: Open-source HTTP toolkit for security research Read More »
Fix Inventory: Open-source cloud asset inventory tool 2025-03-05 at 08:04 By Help Net Security Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. It was built from the ground up for cloud-native environments and provides broad support for over 300 cloud services, including AWS, Google Cloud Platform, Azure,
React to this headline:
Fix Inventory: Open-source cloud asset inventory tool Read More »
Commix: Open-source OS command injection exploitation tool 2025-03-03 at 08:08 By Help Net Security Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments for researchers and ethical hackers. Commix features Easy to use: Commix simplifies the process of identifying and exploiting command injection
React to this headline:
Commix: Open-source OS command injection exploitation tool Read More »
Hottest cybersecurity open-source tools of the month: February 2025 2025-02-27 at 07:31 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Kunai: Open-source threat hunting tool for Linux Kunai is an open-source tool that provides deep and precise event monitoring for Linux
React to this headline:
Hottest cybersecurity open-source tools of the month: February 2025 Read More »
Hundreds of GitHub repos served up malware for years 2025-02-26 at 13:13 By Zeljka Zorz Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using it without first verifying whether it’s malicious. “Over the course of the GitVenom campaign, the threat actors behind
React to this headline:
Hundreds of GitHub repos served up malware for years Read More »
Dalfox: Open-source XSS scanner 2025-02-26 at 08:20 By Mirko Zorz DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uniqueness of Dalfox lies in its speed and ability to easily
React to this headline:
Dalfox: Open-source XSS scanner Read More »