open source

Nodepass: Open-source TCP/UDP tunneling solution

Nodepass: Open-source TCP/UDP tunneling solution 2025-10-20 at 13:18 By Sinisa Markovic When you think of network tunneling, “lightweight” and “enterprise-grade” rarely appear in the same sentence. NodePass, an open-source project, wants to change that. It’s a compact but powerful TCP/UDP tunneling solution built for DevOps teams and system administrators who need to manage complex network […]

Nodepass: Open-source TCP/UDP tunneling solution Read More »

Maltrail: Open-source malicious traffic detection system

Maltrail: Open-source malicious traffic detection system 2025-10-15 at 08:30 By Sinisa Markovic Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available blacklists, as well as static lists compiled from antivirus reports and user-defined sources. These “trails” can include domain names, URLs,

Maltrail: Open-source malicious traffic detection system Read More »

Nagios: Open-source monitoring solution

Nagios: Open-source monitoring solution 2025-10-10 at 08:19 By Anamarija Pogorelec Nagios is an open-source monitoring solution, now included as part of the robust Nagios Core Services Platform (CSP). It delivers end-to-end visibility across the entire IT infrastructure, covering everything from websites and DNS to servers, routers, switches, workstations, and critical services. It helps organizations proactively

Nagios: Open-source monitoring solution Read More »

Legit tools, illicit uses: Velociraptor, Nezha turned against victims

Legit tools, illicit uses: Velociraptor, Nezha turned against victims 2025-10-09 at 19:19 By Zeljka Zorz Threat actors are using an increasing variety of commercial and open-source products to carry out their attacks: according to researchers, Velociraptor and Nezha are the latest additions to their attack toolbox. Velociraptor misuse A suspected China-based ransomware threat actor has

Legit tools, illicit uses: Velociraptor, Nezha turned against victims Read More »

DefectDojo: Open-source DevSecOps platform

DefectDojo: Open-source DevSecOps platform 2025-10-08 at 09:39 By Anamarija Pogorelec DefectDojo is an open-source tool for DevSecOps, application security posture management (ASPM), and vulnerability management. It helps teams manage security testing, track and remove duplicate findings, handle remediation, and generate reports. Whether you’re a solo security practitioner or a CISO managing multiple teams, DefectDojo helps

DefectDojo: Open-source DevSecOps platform Read More »

Proxmox Mail Gateway: Open-source email security solution reaches version 9.0

Proxmox Mail Gateway: Open-source email security solution reaches version 9.0 2025-10-06 at 08:06 By Anamarija Pogorelec First released in 2005, the open-source Proxmox Mail Gateway has become a widely adopted mail proxy, positioned between the firewall and the internal mail server to stop threats before they reach users. The platform delivers anti-spam and antivirus filtering

Proxmox Mail Gateway: Open-source email security solution reaches version 9.0 Read More »

OpenSSL 3.6.0: New features, crypto support

OpenSSL 3.6.0: New features, crypto support 2025-10-02 at 17:54 By Anamarija Pogorelec The OpenSSL Project has announced the release of OpenSSL 3.6.0, a feature update that brings significant functionality improvements, standards compliance, and a few key deprecations that developers and security teams will need to keep in mind. Key cryptographic enhancements OpenSSL 3.6.0 introduces several

OpenSSL 3.6.0: New features, crypto support Read More »

Chekov: Open-source static code analysis tool

Chekov: Open-source static code analysis tool 2025-10-02 at 09:18 By Sinisa Markovic Checkov is an open-source tool designed to help teams secure their cloud infrastructure and code. At its core, it’s a static code analysis tool for infrastructure as code (IaC), but it also goes a step further by providing software composition analysis (SCA) for

Chekov: Open-source static code analysis tool Read More »

The hidden risks inside open-source code

The hidden risks inside open-source code 2025-09-30 at 09:12 By Mirko Zorz Open-source software is everywhere. It runs the browsers we use, the apps we rely on, and the infrastructure that keeps businesses connected. For many security leaders, it is simply part of the environment, not something they think about every day. That is where

The hidden risks inside open-source code Read More »

Firezone: Open-source platform to securely manage remote access

Firezone: Open-source platform to securely manage remote access 2025-09-29 at 08:36 By Sinisa Markovic Firezone is an open-source platform that helps organizations of any size manage secure remote access. Unlike most VPNs, it uses a least-privileged model, giving users only the access they need. Firezone was built to scale from the start, so you can

Firezone: Open-source platform to securely manage remote access Read More »

Delinea releases free open-source MCP server to secure AI agents

Delinea releases free open-source MCP server to secure AI agents 2025-09-26 at 08:06 By Sinisa Markovic AI agents are becoming more common in the workplace, but giving them access to sensitive systems can be risky. Credentials often get stored in plain text, added to prompts, or passed around without proper oversight. Delinea wants to fix

Delinea releases free open-source MCP server to secure AI agents Read More »

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools 2025-09-24 at 12:19 By Zeljka Zorz OffSec has released Kali Linux 2025.3, the most up-to-date version of its popular penetration testing and digital forensics platform. What’s new in Kali Linux 2025.3 Better virtual machine tooling The way Kali builds and ships its VM images

Kali Linux 2025.3 brings improved virtual machine tooling, 10 new tools Read More »

Nosey Parker: Open-source tool finds sensitive information in textual data and Git history

Nosey Parker: Open-source tool finds sensitive information in textual data and Git history 2025-09-24 at 08:10 By Anamarija Pogorelec Nosey Parker is an open-source command-line tool that helps find secrets and sensitive information hidden in text files. It works like a specialized version of grep, focused on spotting things like passwords, API keys, and other

Nosey Parker: Open-source tool finds sensitive information in textual data and Git history Read More »

Cybersecurity AI (CAI): Open-source framework for AI security

Cybersecurity AI (CAI): Open-source framework for AI security 2025-09-22 at 10:29 By Anamarija Pogorelec Cybersecurity AI (CAI) is an open-source framework that helps security teams build and run AI-driven tools for offensive and defensive tasks. It’s designed for anyone working in security, including researchers, ethical hackers, IT staff, and organizations that want to use AI

Cybersecurity AI (CAI): Open-source framework for AI security Read More »

Behind the scenes of cURL with its founder: Releases, updates, and security

Behind the scenes of cURL with its founder: Releases, updates, and security 2025-09-18 at 09:01 By Mirko Zorz In this Help Net Security interview, Daniel Stenberg, lead developer od cURL, discusses how the widely used tool remains secure across billions of devices, from cloud services to IoT. He shares insights into cURL’s decades-long journey of

Behind the scenes of cURL with its founder: Releases, updates, and security Read More »

Rayhunter: EFF releases open-source tool to detect cellular spying

Rayhunter: EFF releases open-source tool to detect cellular spying 2025-09-17 at 08:12 By Anamarija Pogorelec The Electronic Frontier Foundation (EFF) has released Rayhunter, a new open-source tool designed to detect cell site simulators (CSS). These devices, also known as IMSI catchers or Stingrays, mimic cell towers to trick phones into connecting so they can collect

Rayhunter: EFF releases open-source tool to detect cellular spying Read More »

Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack

Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack 2025-09-17 at 01:18 By Zeljka Zorz A potentially monumental supply chain attack is underway, thanks to a self-replicating worm-like payload that has been compromising packages published on the npm Registry. The worm has been dubbed “Shai-hulud” as it steals credentials from victims who

Self-replicating worm hits 180+ npm packages in (largely) automated supply chain attack Read More »

Arkime: Open-source network analysis and packet capture system

Arkime: Open-source network analysis and packet capture system 2025-09-15 at 08:47 By Help Net Security Arkime is an open-source system for large-scale network analysis and packet capture. It works with your existing security tools to store and index network traffic in standard PCAP format, making it easy to search and access. The solution includes a

Arkime: Open-source network analysis and packet capture system Read More »

Garak: Open-source LLM vulnerability scanner

Garak: Open-source LLM vulnerability scanner 2025-09-10 at 09:00 By Help Net Security LLMs can make mistakes, leak data, or be tricked into doing things they were not meant to do. Garak is a free, open-source tool designed to test these weaknesses. It checks for problems like hallucinations, prompt injections, jailbreaks, and toxic outputs. By running

Garak: Open-source LLM vulnerability scanner Read More »

Scroll to Top