open source

Agent Beacon: Open-source telemetry layer for AI agents

2026-06-22 at 08:30 By Mirko Zorz

AI coding agents such as Claude Code, Codex CLI, Cursor, and Claude Cowork run on developer laptops, CI jobs, cloud environments, where they edit files, run commands, and call outside tools. Beacon, an open-source project from Asymptote Labs, configures telemetry for […]

The systemd 261 release brings a software TPM, new OS installer

2026-06-22 at 01:30 By Anamarija Pogorelec

Linux distributions that ship systemd as their init system now have a new version to track. The systemd 261 update adds a cloud metadata subsystem, carries process state through kexec reboots, and continues a long-running effort to load

Homebrew tightens tap security, begins work on its interface

2026-06-18 at 07:30 By Anamarija Pogorelec

Anyone who installs software through a third-party Homebrew tap runs Ruby code written by people outside the project, and that code runs without a sandbox. That risk sits at the center of Homebrew 6.0.0. Tap trust Homebrew now requires a

The Chainguard Athena coalition already shipped 2,000 patches across 500 open source projects

2026-06-17 at 12:42 By Mirko Zorz

Chainguard launched Athena, an industry coalition that pools open source vulnerability findings and remediates them under embargo before public disclosure. The group went live with more than two dozen member organizations. Founding members include BNY, Chainguard,

Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of Disclosure

2026-06-16 at 12:39 By Ionut Arghire

Over two dozen organizations built a shared platform to triage vulnerabilities, fix them, and secure the software before patches arrive. The post Tech Coalition ‘Athena’ Targets OSS Vulnerabilities Ahead of Disclosure appeared first on SecurityWeek. This article is an excerpt

Open-source CI/CD abuse detector guards against stolen credential attacks

2026-06-15 at 08:30 By Sinisa Markovic

CI/CD Abuse Detector is an open-source project that uses a large language model to flag suspicious changes to continuous integration and continuous deployment pipelines, workflows, and automation configurations. The repository contains drop-in templates for GitHub Actions, GitLab CI, and Azure

Proxmox releases Mail Gateway 9.1 with quarantine and backup encryption changes

2026-06-11 at 20:18 By Anamarija Pogorelec

Proxmox Mail Gateway 9.1 adds updated system components, changes to the spam quarantine interface, and encryption for backups. It works as a mail proxy positioned between the firewall and internal mail servers, screening incoming and outgoing traffic for

X Square Robot open sources its robot-free data collection framework

2026-06-11 at 08:43 By Sinisa Markovic

Companies building robots for physical work spend large amounts of time and money operating machines by hand to gather training examples. Each session with a physical robot produces a small number of demonstrations per day, which slows the growth

NOVA microhypervisor brings AMD DMA isolation to shared AI infrastructure

2026-06-10 at 09:55 By Mirko Zorz

BlueRock has issued the latest open-source release of its NOVA Microhypervisor with DMA remapping support for AMD platforms that have IOMMU hardware virtualization. The capability is enabled by default and extends hardware-level isolation across virtual machines, devices, and memory

LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)

2026-06-09 at 15:21 By Zeljka Zorz

A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vulnerabilities catalog on Monday. About CVE-2026-42271 LiteLLM is

DockSec: Open-source AI-powered Docker security scanner

2026-06-08 at 13:09 By Mirko Zorz

DockSec is an OWASP Incubator Project that combines three container security scanners with a language-model layer for explanation and remediation. Created by Advait Patel, the Python tool runs Trivy, Hadolint, and Docker Scout against a developer’s Dockerfile and image, correlates the findings, returns

AgentGG: Open-source agentic SAST scanner

2026-06-05 at 09:24 By Mirko Zorz

Static analysis tools have spent years matching source code against known-bad patterns and handing engineers long lists of candidate issues to triage by hand. AgentGG approaches the same job with AI agents that read the code, follow imports, walk the call graph, and confirm

KDE Linux security audit cuts kernel modules and unused packages

2026-06-02 at 11:55 By Anamarija Pogorelec

KDE Linux, the in-progress operating system from the KDE community, removed several kernel modules and software packages after a security audit of the components shipped with the system. The work followed the discovery of multiple security issues in the

NVIDIA goes open source with a big batch of physical AI agent tools

2026-06-01 at 11:46 By Anamarija Pogorelec

NVIDIA just dropped a big batch of open-source “physical AI” skills and tools, and they’re designed to make a roboticist’s life a whole lot easier. The idea? Take the messy, complicated work behind robots, self-driving cars,

DNS-AID lets AI agents find and verify each other through DNS

2026-06-01 at 11:46 By Sinisa Markovic

AI agents run across many platforms, and each one needs a way to locate and confirm the identity of the others it works with. The Linux Foundation’s DNS-AID project gives them that capability through the Domain Name System,

OWASP Agent Memory Guard: Stop AI agents from being weaponized through their own memory

2026-06-01 at 08:19 By Mirko Zorz

AI agents keep memory across sessions. Conversation history, vector stores, scratchpads, and RAG indexes persist between runs, and anything written into that store becomes a privileged input the agent reads back later. An attacker who

IBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell”

2026-05-28 at 17:54 By SecurityWeek News

Project Lightwell is designed to fix vulnerabilities without breaking what is already in production. The post IBM and Red Hat Commit $5 Billion to Secure Open Source Supply Chains Under “Project Lightwell” appeared

Vigolium: Open-source vulnerability scanner

2026-05-27 at 09:24 By Anamarija Pogorelec

Vigolium, an open-source vulnerability scanner that combines deterministic scanning with AI-driven auditing, launched its initial open-source release this month. The project ships 235+ scanner modules and an in-process agent runtime called olium that handles autonomous endpoint discovery, attack planning, and finding triage. The tool exposes

Anthropic: Claude Mythos identified 10,000+ software flaws

2026-05-26 at 17:30 By Anamarija Pogorelec

Anthropic and its Project Glasswing partners have identified more than 10,000 high- or critical-severity vulnerabilities in critical software systems, the company announced in an update on the project’s progress. Mythos identifies thousands of high-severity vulnerabilities In April 2026, Anthropic introduced Claude Mythos

OpenHack: Open-source AI-powered vulnerability research

2026-05-25 at 08:11 By Sinisa Markovic

Source-guided vulnerability research increasingly leans on coding harnesses such as Claude Code, Codex, and Cursor to drive agent-based reviews of application code. A new MIT-licensed project from the Dutch security firm Hadrian, called OpenHack, packages that approach into a file-based workspace that any of
