open source

Malwoverview: First response tool for threat hunting

Don't miss, GitHub, News, open source, software /

Malwoverview: First response tool for threat hunting 2025-03-26 at 07:32 By Mirko Zorz Malwoverview is an open-source threat hunting tool designed for the initial triage of malware samples, URLs, IP addresses, domains, malware families, IOCs, and hashes. “Malwoverview is simple and direct, integrating multiple public sandboxes to retrieve and display only relevant information. It enables […]

React to this headline:

Loading spinner

Malwoverview: First response tool for threat hunting Read More »

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)

Cloudflare, Don't miss, framework, Hot stuff, News, Next.js, open source, PoC, ProjectDiscovery, vulnerability, web application security, web development /

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) 2025-03-24 at 15:17 By Zeljka Zorz A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web pages they should no have access to (e.g., the web app’s admin panel).

React to this headline:

Loading spinner

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) Read More »

Finders Keypers: Open-source AWS KMS key usage finder

AWS, Don't miss, GitHub, News, open source, software /

Finders Keypers: Open-source AWS KMS key usage finder 2025-03-24 at 07:32 By Mirko Zorz Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases include: Identifying the blast radius of specific KMS keys and the

React to this headline:

Loading spinner

Finders Keypers: Open-source AWS KMS key usage finder Read More »

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates

Don't miss, Kali Linux, News, OffSec, open source, penetration testing, software /

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates 2025-03-20 at 09:32 By Help Net Security Kali Linux 2025.1a is now available. This release enhances existing features with improvements designed to streamline your experience. 2025 theme refresh Kali Linux 2025.1a introduces an annual theme refresh, maintaining a modern interface. This year’s update debuts a

React to this headline:

Loading spinner

Kali Linux 2025.1a drops with theme refresh, Kali NetHunter updates Read More »

Google Releases Major Update for Open Source Vulnerability Scanner

Application Security, Google, open source, OSV-Scanner, scanner /

Google Releases Major Update for Open Source Vulnerability Scanner 2025-03-18 at 18:02 By Ionut Arghire Google has integrated OSV-SCALIBR features into OSV-Scanner, its free vulnerability scanner for open source developers. The post Google Releases Major Update for Open Source Vulnerability Scanner appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

React to this headline:

Loading spinner

Google Releases Major Update for Open Source Vulnerability Scanner Read More »

Hackers target AI and crypto as software supply chain risks grow

Artificial Intelligence, cybersecurity, News, open source, report, ReversingLabs, software, supply chain /

Hackers target AI and crypto as software supply chain risks grow 2025-03-18 at 07:47 By Help Net Security The growing sophistication of software supply chain attacks is driven by widespread flaws in open-source and third-party commercial software, along with malicious campaigns that specifically target AI and cryptocurrency development pipelines, according to a ReversingLabs report. According

React to this headline:

Loading spinner

Hackers target AI and crypto as software supply chain risks grow Read More »

IntelMQ: Open-source tool for collecting and processing security feeds

Don't miss, GitHub, News, open source, software, Threat Intelligence /

IntelMQ: Open-source tool for collecting and processing security feeds 2025-03-17 at 07:02 By Mirko Zorz IntelMQ is an open-source solution designed to help IT security teams (including CERTs, CSIRTs, SOCs, and abuse departments) streamline the collection and processing of security feeds using a message queuing protocol. “Originally designed for CSIRTs and later adopted by SOCs,

React to this headline:

Loading spinner

IntelMQ: Open-source tool for collecting and processing security feeds Read More »

NetBird: Open-source network security

Don't miss, GitHub, News, open source, software /

NetBird: Open-source network security 2025-03-12 at 08:03 By Help Net Security NetBird is an open-source solution that integrates a configuration-free peer-to-peer private network with centralized access control, providing a single platform to build secure private networks for your organization or home. NetBird features NetBird creates a WireGuard-based overlay network that automatically connects your machines over

React to this headline:

Loading spinner

NetBird: Open-source network security Read More »

UK Government Report Calls for Stronger Open Source Supply Chain Security Practices

open source, supply chain, Supply Chain Security /

UK Government Report Calls for Stronger Open Source Supply Chain Security Practices 2025-03-11 at 19:05 By Kevin Townsend Report from the Department for Science, Innovation & Technology (DSIT) finds weaknesses in current practices. The post UK Government Report Calls for Stronger Open Source Supply Chain Security Practices appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

UK Government Report Calls for Stronger Open Source Supply Chain Security Practices Read More »

Hetty: Open-source HTTP toolkit for security research

Don't miss, GitHub, News, open source, penetration testing, software /

Hetty: Open-source HTTP toolkit for security research 2025-03-10 at 08:17 By Help Net Security Hetty is an open-source HTTP toolkit designed for security research, offering a free alternative to commercial tools like Burp Suite Pro. Built with the needs of penetration testers, security professionals, and bug bounty hunters in mind, Hetty provides a set of

React to this headline:

Loading spinner

Hetty: Open-source HTTP toolkit for security research Read More »

Fix Inventory: Open-source cloud asset inventory tool

asset discovery, cloud security, Don't miss, GitHub, IT assets, News, open source, software /

Fix Inventory: Open-source cloud asset inventory tool 2025-03-05 at 08:04 By Help Net Security Fix Inventory is an open-source tool for detecting compliance and security risks in cloud infrastructure accounts. It was built from the ground up for cloud-native environments and provides broad support for over 300 cloud services, including AWS, Google Cloud Platform, Azure,

React to this headline:

Loading spinner

Fix Inventory: Open-source cloud asset inventory tool Read More »

Commix: Open-source OS command injection exploitation tool

cybersecurity, Don't miss, GitHub, News, open source, software /

Commix: Open-source OS command injection exploitation tool 2025-03-03 at 08:08 By Help Net Security Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments for researchers and ethical hackers. Commix features Easy to use: Commix simplifies the process of identifying and exploiting command injection

React to this headline:

Loading spinner

Commix: Open-source OS command injection exploitation tool Read More »

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364)

CVE, Don't miss, Hot stuff, MITRE, News, open source, PoC, red team, training /

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) 2025-02-28 at 17:03 By Zeljka Zorz Users of the MITRE Caldera cyber security platform have been urged to plug a critical hole (CVE-2025–27364) that may allow unauthenticated attackers to achieve remote code execution. About MITRE Caldera MITRE Caldera is a platform built on the

React to this headline:

Loading spinner

MITRE Caldera RCE vulnerability with public PoC fixed, patch ASAP! (CVE-2025–27364) Read More »

OSPS Baseline: Practical security best practices for open source software projects

cyber resilience, Don't miss, guide, Hot stuff, News, open source, OpenSSF, software development /

OSPS Baseline: Practical security best practices for open source software projects 2025-02-28 at 14:49 By Help Net Security The Open Source Security Foundation (OpenSSF), a cross-industry initiative by the Linux Foundation, has announced the initial release of the Open Source Project Security Baseline (OSPS Baseline), a tiered framework of security practices that evolve with the

React to this headline:

Loading spinner

OSPS Baseline: Practical security best practices for open source software projects Read More »

Hottest cybersecurity open-source tools of the month: February 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: February 2025 2025-02-27 at 07:31 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Kunai: Open-source threat hunting tool for Linux Kunai is an open-source tool that provides deep and precise event monitoring for Linux

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: February 2025 Read More »

OpenSSF Releases Security Baseline for Open Source Projects

Application Security, open source, OpenSSF, OSPS Baseline /

OpenSSF Releases Security Baseline for Open Source Projects 2025-02-26 at 13:45 By Eduard Kovacs The Open Source Security Foundation (OpenSSF) has created a structured set of security requirements for open source projects. The post OpenSSF Releases Security Baseline for Open Source Projects appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original

React to this headline:

Loading spinner

OpenSSF Releases Security Baseline for Open Source Projects Read More »

Dalfox: Open-source XSS scanner

Don't miss, GitHub, News, open source, penetration testing, scanning, software, XSS /

Dalfox: Open-source XSS scanner 2025-02-26 at 08:20 By Mirko Zorz DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uniqueness of Dalfox lies in its speed and ability to easily

React to this headline:

Loading spinner

Dalfox: Open-source XSS scanner Read More »

Open source strikes back: Nextcloud Hub 10 challenges Big Tech’s monopoly on AI and privacy

Artificial Intelligence, collaboration, News, open source, software /

Open source strikes back: Nextcloud Hub 10 challenges Big Tech’s monopoly on AI and privacy 2025-02-25 at 15:18 By Help Net Security Hyperscalers have perpetuated the narrative that open-source solutions cannot compete at scale. This perception has influenced funding priorities, shaped policy discussions, and reinforced organizational reliance on Big Tech. With the launch of Hub

React to this headline:

Loading spinner

Open source strikes back: Nextcloud Hub 10 challenges Big Tech’s monopoly on AI and privacy Read More »

Misconfig Mapper: Open-source tool to uncover security misconfigurations

Don't miss, GitHub, misconfiguration, News, open source, software /

Misconfig Mapper: Open-source tool to uncover security misconfigurations 2025-02-24 at 07:33 By Mirko Zorz Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with detection and misconfiguration fingerprints to identify potential security risks

React to this headline:

Loading spinner

Misconfig Mapper: Open-source tool to uncover security misconfigurations Read More »

PRevent: Open-source tool to detect malicious code in pull requests

Apiiro, code analysis, Don't miss, GitHub, Hot stuff, Java, JavaScript, Kotlin, News, open source, PHP, programming, Python, Ruby, software development, threat detection /

PRevent: Open-source tool to detect malicious code in pull requests 2025-02-20 at 16:52 By Zeljka Zorz Apiiro security researchers have released open source tools that can help organizations detect malicious code as part of their software development lifecycle: PRevent (a scanner for pull requests), and a malicious code detection ruleset for Semgrep and Opengrep static

React to this headline:

Loading spinner

PRevent: Open-source tool to detect malicious code in pull requests Read More »

Scroll to Top