open source

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs

Don't miss, GitHub, News, open source, Operant AI, red team, software /

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs 2025-05-28 at 08:17 By Mirko Zorz Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in AI systems, Kubernetes environments, and APIs before attackers can exploit them. Key features of Woodpecker […]

React to this headline:

Loading spinner

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs Read More »

Hottest cybersecurity open-source tools of the month: May 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: May 2025 2025-05-28 at 07:03 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Vuls: Open-source agentless vulnerability scanner Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: May 2025 Read More »

Ongoing Campaign Uses 60 NPM Packages to Steal Data

Info stealer, Malware & Threats, NPM, open source, Socket, Supply Chain Security /

Ongoing Campaign Uses 60 NPM Packages to Steal Data 2025-05-27 at 17:17 By Ionut Arghire Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information. The post Ongoing Campaign Uses 60 NPM Packages to Steal Data appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ongoing Campaign Uses 60 NPM Packages to Steal Data Read More »

Vulnerabilities found in NASA’s open source software

code analysis, Don't miss, Hot stuff, NASA, News, open source, ThreatLeap, vulnerability, vulnerability disclosure /

Vulnerabilities found in NASA’s open source software 2025-05-27 at 15:48 By Zeljka Zorz Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranić, security researcher and founder of cybersecurity startup ThreatLeap. The vulnerabilities Juranić, whose AppSec credentials include founding and leading DefenseCode, is no

React to this headline:

Loading spinner

Vulnerabilities found in NASA’s open source software Read More »

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks

Artificial Intelligence, Don't miss, framework, GitHub, Hot stuff, Meta, News, open source, software /

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks 2025-05-26 at 08:52 By Mirko Zorz LlamaFirewall is a system-level security framework for LLM-powered applications, built with a modular design to support layered, adaptive defense. It is designed to mitigate a wide spectrum of AI agent security risks including jailbreaking and indirect prompt injection,

React to this headline:

Loading spinner

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks Read More »

AutoPatchBench: Meta’s new way to test AI bug fixing tools

Artificial Intelligence, Don't miss, GitHub, Meta, News, open source, software /

AutoPatchBench: Meta’s new way to test AI bug fixing tools 2025-05-21 at 08:02 By Mirko Zorz AutoPatchBench is a new benchmark that tests how well AI tools can fix code bugs. It focuses on C and C++ vulnerabilities found through fuzzing. The benchmark includes 136 real bugs and their verified fixes, taken from the ARVO

React to this headline:

Loading spinner

AutoPatchBench: Meta’s new way to test AI bug fixing tools Read More »

Trojanized KeePass opens doors for ransomware attackers

Don't miss, Hot stuff, initial access broker, KeePass, malvertising, Malware, News, open source, Ransomware, typosquatting, WithSecure /

Trojanized KeePass opens doors for ransomware attackers 2025-05-20 at 14:04 By Zeljka Zorz A suspected initial access broker has been leveraging trojanized versions of the open-source KeePass password manager to set the stage for ransomware attacks, WithSecure researchers have discovered. KeeLoader: Passoword manager that acts as data stealer and malware loader In February 2025, WithSecure’s

React to this headline:

Loading spinner

Trojanized KeePass opens doors for ransomware attackers Read More »

The Windows Subsystem for Linux goes open source

Linux, Microsoft, News, open source /

The Windows Subsystem for Linux goes open source 2025-05-20 at 12:47 By Anamarija Pogorelec Microsoft has officially open-sourced the Windows Subsystem for Linux (WSL), closing the very first issue ever filed on the Microsoft/WSL GitHub repository: “Will this be open source?” WSL allows developers to run unmodified Linux command-line tools, utilities, and applications directly on

React to this headline:

Loading spinner

The Windows Subsystem for Linux goes open source Read More »

Containers are just processes: The illusion of namespace security

containers, cybersecurity, Don't miss, Edera, Expert analysis, Expert corner, Hot stuff, Kubernetes, Linux, News, open source, opinion /

Containers are just processes: The illusion of namespace security 2025-05-20 at 08:31 By Help Net Security In the early days of commercial open source, major vendors cast doubt on its security, claiming transparency was a flaw. In fact, that openness fueled strong communities and faster security improvements, making OSS often more secure than proprietary code.

React to this headline:

Loading spinner

Containers are just processes: The illusion of namespace security Read More »

Hanko: Open-source authentication and user management

access management, authentication, Don't miss, GitHub, Hanko, Hot stuff, News, open source, software /

Hanko: Open-source authentication and user management 2025-05-19 at 07:32 By Mirko Zorz Hanko is an open-source, API-first authentication solution purpose-built for the passwordless era. “We focus on helping developers and organizations modernize their authentication flows by migrating users towards passkeys, while still supporting all common authentication methods like email/password, MFA, OAuth, as well as SAML

React to this headline:

Loading spinner

Hanko: Open-source authentication and user management Read More »

Nobara Linux 42 brings performance boost and better hardware support

Fedora, Linux, News, open source /

Nobara Linux 42 brings performance boost and better hardware support 2025-05-14 at 12:08 By Help Net Security The Nobara Project has released a new version of its Linux distribution, bringing updated packages, performance improvements, and a few visual tweaks aimed at making life easier for users who want a system that works well out of

React to this headline:

Loading spinner

Nobara Linux 42 brings performance boost and better hardware support Read More »

Cerbos: Open-source, scalable authorization solution

Don't miss, GitHub, News, open source, software /

Cerbos: Open-source, scalable authorization solution 2025-05-14 at 07:34 By Help Net Security Cerbos is an open-source solution designed to simplify and modernize access control for cloud-native, microservice-based applications. Instead of hardcoding authorization logic into your application, Cerbos lets you write flexible, context-aware access policies using a YAML syntax. These policies are managed separately from your

React to this headline:

Loading spinner

Cerbos: Open-source, scalable authorization solution Read More »

SPIRE: Toolchain of APIs for establishing trust between software systems

GitHub, News, open source, software /

SPIRE: Toolchain of APIs for establishing trust between software systems 2025-05-12 at 08:00 By Help Net Security SPIRE is a graduated project of the Cloud Native Computing Foundation (CNCF). It’s a production-ready implementation of the SPIFFE APIs that handles node and workload attestation to securely issue SVIDs to workloads and verify the SVIDs of other

React to this headline:

Loading spinner

SPIRE: Toolchain of APIs for establishing trust between software systems Read More »

Analyze resource-based policy dependencies across your AWS Organizations accounts

Amazon, AWS, cloud security, GitHub, News, open source, software /

Analyze resource-based policy dependencies across your AWS Organizations accounts 2025-05-09 at 08:02 By Help Net Security Managing multiple AWS accounts in an organization can get complicated, especially when trying to understand how services and permissions are connected. The Account Assessment for AWS Organizations open-source tool helps simplify this process by giving you a central place

React to this headline:

Loading spinner

Analyze resource-based policy dependencies across your AWS Organizations accounts Read More »

Autorize: Burp Suite extension for automatic authorization enforcement detection

Don't miss, GitHub, News, open source, penetration testing, software /

Autorize: Burp Suite extension for automatic authorization enforcement detection 2025-05-07 at 08:02 By Help Net Security Autorize is an open-source Burp Suite extension that checks if users can access things they shouldn’t. It runs automatic tests to help security testers find authorization problems. Autorize installation To use Autorize, you’ll need Burp Suite and Jython. Here’s

React to this headline:

Loading spinner

Autorize: Burp Suite extension for automatic authorization enforcement detection Read More »

Vuls: Open-source agentless vulnerability scanner

Don't miss, GitHub, News, open source, scanning, software /

Vuls: Open-source agentless vulnerability scanner 2025-05-05 at 07:33 By Help Net Security Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created to solve the daily problems admins face when trying to keep servers secure. Many administrators choose not to use automatic software updates because they want to avoid

React to this headline:

Loading spinner

Vuls: Open-source agentless vulnerability scanner Read More »

Hottest cybersecurity open-source tools of the month: April 2025

cybersecurity, Don't miss, GitHub, News, open source, software /

Hottest cybersecurity open-source tools of the month: April 2025 2025-05-01 at 08:36 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. GoSearch: Open-source OSINT tool for uncovering digital footprints GoSearch is an open-source OSINT tool built to uncover digital footprints linked to

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: April 2025 Read More »

Villain: Open-source framework for managing and enhancing reverse shells

Don't miss, framework, GitHub, News, open source, software /

Villain: Open-source framework for managing and enhancing reverse shells 2025-04-30 at 08:04 By Mirko Zorz Villain is an open-source Stage 0/1 command-and-control (C2) framework designed to manage multiple reverse TCP and HoaxShell-based shells. Beyond simply handling connections, Villain enhances these shells with added functionality, offering commands and utilities, and allowing for shell sessions sharing across

React to this headline:

Loading spinner

Villain: Open-source framework for managing and enhancing reverse shells Read More »

Avocado OS: Open-source Linux platform for embedded systems

Industry news, Linux, open source, Peridio /

Avocado OS: Open-source Linux platform for embedded systems 2025-04-28 at 15:32 By Industry News Peridio, a platform for building and maintaining advanced embedded products, has launched Avocado OS, an open-source embedded Linux distribution made to simplify the way developers build complex embedded systems. Avocado OS focuses on delivering a smooth developer experience while offering security,

React to this headline:

Loading spinner

Avocado OS: Open-source Linux platform for embedded systems Read More »

Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation

Chainguard, containers, Funding/M&A, Kleiner Perkins, Kubernetes, open source, supply chain, Supply Chain Security /

Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation 2025-04-23 at 17:20 By Ryan Naraine The cash infusion brings Chainguard’s total funding to about $612 million since launching in 2021 and prices the company at $3.5 billion. The post Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Chainguard Raises Hefty $356M Series D at $3.5 Billion Valuation Read More »

Scroll to Top