open source

Kanister: Open-source data protection workflow management tool

Kanister: Open-source data protection workflow management tool 2025-06-26 at 08:04 By Help Net Security Kanister is an open-source tool that lets domain experts define how to manage application data using blueprints that are easy to share and update. It handles the complex parts of running these tasks on Kubernetes and gives a consistent way to […]

React to this headline:

Loading spinner

Kanister: Open-source data protection workflow management tool Read More »

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144) 2025-06-26 at 00:15 By Zeljka Zorz A high-severity vulnerability (CVE-2025-49144) in the Notepad++ installer could be exploited by unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. There is currently no indication that the vulnerability is being leveraged by attackers, though technical details

React to this headline:

Loading spinner

Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144) Read More »

Reconmap: Open-source vulnerability assessment, pentesting management platform

Reconmap: Open-source vulnerability assessment, pentesting management platform 2025-06-24 at 08:03 By Help Net Security Reconmap is an open source tool for vulnerability assessments and penetration testing. It helps security teams plan, carry out, and report on security tests from start to finish. The platform simplifies tasks and makes it easier for teams to work together,

React to this headline:

Loading spinner

Reconmap: Open-source vulnerability assessment, pentesting management platform Read More »

Amazon Linux 2023 achieves FIPS 140-3 validation

Amazon Linux 2023 achieves FIPS 140-3 validation 2025-06-20 at 10:52 By Help Net Security Amazon Linux 2023 (AL2023) has earned FIPS 140-3 Level 1 validation for several of its cryptographic modules. This means it’s now approved for use in systems that need to meet U.S. and Canadian government standards for encryption. FIPS (Federal Information Processing

React to this headline:

Loading spinner

Amazon Linux 2023 achieves FIPS 140-3 validation Read More »

35 open-source security tools to power your red team, SOC, and cloud security

35 open-source security tools to power your red team, SOC, and cloud security 2025-06-18 at 08:31 By Help Net Security This article showcases free, open-source security tools that support your organization’s teams in red teaming, threat hunting, incident response, vulnerability scanning, and cloud security. Autorize: Burp Suite extension for automatic authorization enforcement detection Autorize is

React to this headline:

Loading spinner

35 open-source security tools to power your red team, SOC, and cloud security Read More »

Free AI coding security rules now available on GitHub

Free AI coding security rules now available on GitHub 2025-06-17 at 16:47 By Sinisa Markovic Developers are turning to AI coding assistants to save time and speed up their work. But these tools can also introduce security risks if they suggest flawed or unsafe code. To help address that, Secure Code Warrior has released a

React to this headline:

Loading spinner

Free AI coding security rules now available on GitHub Read More »

MDEAutomator: Open-source endpoint management, incident response in MDE

MDEAutomator: Open-source endpoint management, incident response in MDE 2025-06-16 at 08:36 By Help Net Security Managing endpoints and responding to security incidents in Microsoft Defender for Endpoint (MDE) can be time-consuming and complex. MDEAutomator is an open-source tool designed to make that easier. MDEAutomator is a modular, serverless solution for IT and security teams looking

React to this headline:

Loading spinner

MDEAutomator: Open-source endpoint management, incident response in MDE Read More »

Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools

Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools 2025-06-14 at 12:17 By Zeljka Zorz OffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 (Source: OffSec) New in Kali Linux 2025.2 As per usual, the newest

React to this headline:

Loading spinner

Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools Read More »

OWASP Nettacker: Open-source scanner for recon and vulnerability assessment

OWASP Nettacker: Open-source scanner for recon and vulnerability assessment 2025-06-11 at 09:01 By Mirko Zorz OWASP Nettacker is a free, open-source tool designed for network scanning, information gathering, and basic vulnerability assessment. Built and maintained by the OWASP community, Nettacker helps security pros automate common tasks like port scanning, service detection, and brute-force attacks. It

React to this headline:

Loading spinner

OWASP Nettacker: Open-source scanner for recon and vulnerability assessment Read More »

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic 2025-06-09 at 08:00 By Mirko Zorz fiddleitm is an open-source tool built on top of mitmproxy that helps find malicious web traffic. It works by checking HTTP requests and responses for known patterns that might point to malware, phishing, or other threats. fiddleitm features “I created fiddleitm

React to this headline:

Loading spinner

fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic Read More »

Meta open-sources AI tool to automatically classify sensitive documents

Meta open-sources AI tool to automatically classify sensitive documents 2025-06-05 at 09:17 By Mirko Zorz Meta has released an open source AI tool called Automated Sensitive Document Classification. It was originally built for internal use and is designed to find sensitive information in documents and apply security labels automatically. The tool uses customizable classification rules

React to this headline:

Loading spinner

Meta open-sources AI tool to automatically classify sensitive documents Read More »

Vet: Open-source software supply chain security tool

Vet: Open-source software supply chain security tool 2025-06-03 at 08:34 By Help Net Security Vet is an open source tool designed to help developers and security engineers spot risks in their software supply chains. It goes beyond traditional software composition analysis by detecting known vulnerabilities and flagging malicious packages. Vet supports several ecosystems, including npm,

React to this headline:

Loading spinner

Vet: Open-source software supply chain security tool Read More »

48% of security pros are falling behind compliance requirements

48% of security pros are falling behind compliance requirements 2025-06-02 at 07:07 By Help Net Security 32% of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations, according to Lineaje. Meanwhile, 68% are more realistic, noting they feel uncertain about achieving this near impossible outcome. Software compliance adoption varies across

React to this headline:

Loading spinner

48% of security pros are falling behind compliance requirements Read More »

Why privacy in blockchain must start with open source

Why privacy in blockchain must start with open source 2025-05-30 at 09:02 By Help Net Security Traditionally, trust came from centralized institutions. Banks, payment networks, and clearinghouses are closed systems. Users cannot see the inner workings, but they rely on external audits, government regulation, and long histories of compliance to feel secure. It’s a model

React to this headline:

Loading spinner

Why privacy in blockchain must start with open source Read More »

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs 2025-05-28 at 08:17 By Mirko Zorz Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix security weaknesses in AI systems, Kubernetes environments, and APIs before attackers can exploit them. Key features of Woodpecker

React to this headline:

Loading spinner

Woodpecker: Open-source red teaming for AI, Kubernetes, APIs Read More »

Hottest cybersecurity open-source tools of the month: May 2025

Hottest cybersecurity open-source tools of the month: May 2025 2025-05-28 at 07:03 By Help Net Security This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Vuls: Open-source agentless vulnerability scanner Vuls is an open-source tool that helps users find and manage security vulnerabilities. It was created

React to this headline:

Loading spinner

Hottest cybersecurity open-source tools of the month: May 2025 Read More »

Ongoing Campaign Uses 60 NPM Packages to Steal Data

Ongoing Campaign Uses 60 NPM Packages to Steal Data 2025-05-27 at 17:17 By Ionut Arghire Security firm Socket warns flags a campaign targeting NPM users with tens of malicious packages that can hijack system information. The post Ongoing Campaign Uses 60 NPM Packages to Steal Data appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Loading spinner

Ongoing Campaign Uses 60 NPM Packages to Steal Data Read More »

Vulnerabilities found in NASA’s open source software

Vulnerabilities found in NASA’s open source software 2025-05-27 at 15:48 By Zeljka Zorz Vulnerabilities in open source software developed and used in-house by NASA could be exploited to breach their systems, claims Leon Juranić, security researcher and founder of cybersecurity startup ThreatLeap. The vulnerabilities Juranić, whose AppSec credentials include founding and leading DefenseCode, is no

React to this headline:

Loading spinner

Vulnerabilities found in NASA’s open source software Read More »

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks 2025-05-26 at 08:52 By Mirko Zorz LlamaFirewall is a system-level security framework for LLM-powered applications, built with a modular design to support layered, adaptive defense. It is designed to mitigate a wide spectrum of AI agent security risks including jailbreaking and indirect prompt injection,

React to this headline:

Loading spinner

LlamaFirewall: Open-source framework to detect and mitigate AI centric security risks Read More »

AutoPatchBench: Meta’s new way to test AI bug fixing tools

AutoPatchBench: Meta’s new way to test AI bug fixing tools 2025-05-21 at 08:02 By Mirko Zorz AutoPatchBench is a new benchmark that tests how well AI tools can fix code bugs. It focuses on C and C++ vulnerabilities found through fuzzing. The benchmark includes 136 real bugs and their verified fixes, taken from the ARVO

React to this headline:

Loading spinner

AutoPatchBench: Meta’s new way to test AI bug fixing tools Read More »

Scroll to Top