GitHub

Dependency-Track: Open-source component analysis platform

2025-10-27 at 08:46 By Sinisa Markovic

Software is a patchwork of third-party components, and keeping tabs on what’s running under the hood has become a challenge. The open-source platform Dependency-Track tackles that problem head-on. Rather than treating software composition as a one-time scan, it continuously monitors every version of every […]


OpenFGA: The open-source engine redefining access control

2025-10-22 at 15:13 By Sinisa Markovic

OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers model and enforce fine-grained access control in their applications. At its core, OpenFGA enables teams to define who can do what


NodePass: Open-source TCP/UDP tunneling solution

2025-10-20 at 13:18 By Sinisa Markovic

When you think of network tunneling, “lightweight” and “enterprise-grade” rarely appear in the same sentence. NodePass, an open-source project, wants to change that. It’s a compact but powerful TCP/UDP tunneling solution built for DevOps teams and system administrators who need to manage complex network


Maltrail: Open-source malicious traffic detection system

2025-10-15 at 08:30 By Sinisa Markovic

Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available blacklists, as well as static lists compiled from antivirus reports and user-defined sources. These “trails” can include domain names, URLs,


Nagios: Open-source monitoring solution

2025-10-10 at 08:19 By Anamarija Pogorelec

Nagios is an open-source monitoring solution, now included as part of the robust Nagios Core Services Platform (CSP). It delivers end-to-end visibility across the entire IT infrastructure, covering everything from websites and DNS to servers, routers, switches, workstations, and critical services. It helps organizations proactively


GitHub Copilot Chat Flaw Leaked Data From Private Repositories

2025-10-09 at 14:04 By Ionut Arghire

Hidden comments allowed full control over Copilot responses and leaked sensitive information and source code. The post GitHub Copilot Chat Flaw Leaked Data From Private Repositories appeared first on SecurityWeek.


DefectDojo: Open-source DevSecOps platform

2025-10-08 at 09:39 By Anamarija Pogorelec

DefectDojo is an open-source tool for DevSecOps, application security posture management (ASPM), and vulnerability management. It helps teams manage security testing, track and remove duplicate findings, handle remediation, and generate reports. Whether you’re a solo security practitioner or a CISO managing multiple teams, DefectDojo helps


Protegrity Developer Edition: Free containerized Python package to secure AI pipelines

2025-10-03 at 09:39 By Help Net Security

Protegrity Developer Edition enables developers, data scientists, ML engineers, and security teams an easy way to add data protection into GenAI and unstructured data workflows, without the need for enterprise setup. Billed as the first enterprise-grade, governance-focused


Hackers claim to have plundered Red Hat’s GitHub repos

2025-10-02 at 20:00 By Zeljka Zorz

The Crimson Collective, an emerging extortion / hacker group, has made a bombshell claim on their Telegram channel: they have gained access to Red Hat’s GitHub and have exfiltrated data from over 28,000 internal repositories connected to the company’s consulting


Checkov: Open-source static code analysis tool

2025-10-02 at 09:18 By Sinisa Markovic

Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At its core, it’s a static code analysis tool for infrastructure as code (IaC), but it also goes a step further by providing software composition analysis (SCA) for


Firezone: Open-source platform to securely manage remote access

2025-09-29 at 08:36 By Sinisa Markovic

Firezone is an open-source platform that helps organizations of any size manage secure remote access. Unlike most VPNs, it uses a least-privileged model, giving users only the access they need. Firezone was built to scale from the start, so you can


Delinea releases free open-source MCP server to secure AI agents

2025-09-26 at 08:06 By Sinisa Markovic

AI agents are becoming more common in the workplace, but giving them access to sensitive systems can be risky. Credentials often get stored in plain text, added to prompts, or passed around without proper oversight. Delinea wants to fix


GitHub Boosting Security in Response to NPM Supply Chain Attacks 

2025-09-24 at 13:18 By Ionut Arghire

GitHub will implement local publishing with mandatory 2FA, granular tokens that expire after seven days, and trusted publishing. The post GitHub Boosting Security in Response to NPM Supply Chain Attacks appeared first on SecurityWeek.


Nosey Parker: Open-source tool finds sensitive information in textual data and Git history

2025-09-24 at 08:10 By Anamarija Pogorelec

Nosey Parker is an open-source command-line tool that helps find secrets and sensitive information hidden in text files. It works like a specialized version of grep, focused on spotting things like passwords, API keys, and other


Malicious GitHub pages lure MacOS users into installing Atomic infostealer

2025-09-22 at 17:52 By Zeljka Zorz

MacOS users looking to download popular software such as LastPass, 1Password, After Effects, Gemini, and many others are in danger of getting saddled with the Atomic infostealer instead, LastPass has warned. The malware delivery campaign is ongoing and widespread


Cybersecurity AI (CAI): Open-source framework for AI security

2025-09-22 at 10:29 By Anamarija Pogorelec

Cybersecurity AI (CAI) is an open-source framework that helps security teams build and run AI-driven tools for offensive and defensive tasks. It’s designed for anyone working in security, including researchers, ethical hackers, IT staff, and organizations that want to use AI


Rayhunter: EFF releases open-source tool to detect cellular spying

2025-09-17 at 08:12 By Anamarija Pogorelec

The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI catchers or Stingrays, mimic cell towers to trick phones into connecting so they can collect


GitHub adds post-quantum protection for SSH access

2025-09-16 at 12:05 By Sinisa Markovic

GitHub is adding post-quantum cryptography to secure SSH connections, a move that signals the company’s preparation for a time when current encryption may no longer be safe.

What GitHub is changing

GitHub has introduced a new type of SSH key that combines


Phishing campaign targets Rust developers

2025-09-15 at 19:27 By Zeljka Zorz

Developers publishing crates (binaries and libraries written in Rust) on crates.io, Rust’s main public package registry, have been targeted with emails echoing the recent npm phishing campaign.

The phishing email

The emails started hitting developers’ inboxes on Friday, minutes after they published a (new)
