open source

Microsoft open-sources tools for designing and testing AI agents

Microsoft open-sources tools for designing and testing AI agents 2026-05-21 at 19:15 By Zeljka Zorz Microsoft has open-sourced two tools aimed at bringing security discipline to AI agent development: Clarity, a structured design review tool, and RAMPART, a continuous testing framework. The release comes from Microsoft’s AI Red Team, the company’s internal unit that stress-tests […]

Microsoft open-sources tools for designing and testing AI agents Read More »

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise 2026-05-21 at 16:56 By Zeljka Zorz GitHub CISO Alexis Wales has named the malicious VS Code extension behind the breach they suffered at the hands of the threat group TeamPCP: Nx Console, a popular developer tool with 2.2 million installs. A malicious version of

GitHub, Grafana Labs breaches traced back to TanStack supply chain compromise Read More »

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension 2026-05-20 at 13:47 By Zeljka Zorz Following TeamPCP’s claim that they’ve breached GitHub’s own private code repositories, the Microsoft-owned company launched an investigation and confirmed the compromise. “Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of

TeamPCP breached GitHub’s internal codebase via poisoned VS Code extension Read More »

CVE Lite CLI: Open-source dependency vulnerability scanner

CVE Lite CLI: Open-source dependency vulnerability scanner 2026-05-20 at 09:34 By Mirko Zorz Dependency vulnerability scanning in JavaScript and TypeScript projects has long sat at the end of the development pipeline. Pull requests get opened, continuous integration runs, and a security scanner returns a list of CVE identifiers that developers then have to triage hours

CVE Lite CLI: Open-source dependency vulnerability scanner Read More »

AI is drowning software maintainers in junk security reports

AI is drowning software maintainers in junk security reports 2026-05-18 at 21:32 By Zeljka Zorz AI-assisted vulnerability research has exploded, unleashing a firehose of low-quality reports on overworked software maintainers who are wasting hours sifting through noise instead of fixing real problems. Linus Torvalds, the Linux kernel’s creator, says the flood has made the project’s

AI is drowning software maintainers in junk security reports Read More »

Attackers accessed, downloaded code from Grafana Labs’ GitHub

Attackers accessed, downloaded code from Grafana Labs’ GitHub 2026-05-18 at 12:57 By Zeljka Zorz A threat actor has managed to access Grafana Labs’ GitHub environment and download the company’s codebase, the open-source observability and data visualization firm announced on Sunday. The breach is significant given Grafana Labs’ widespread use across enterprise engineering and DevOps teams

Attackers accessed, downloaded code from Grafana Labs’ GitHub Read More »

Lyrie: Open-source autonomous pentesting agent

Lyrie: Open-source autonomous pentesting agent 2026-05-18 at 09:42 By Sinisa Markovic Penetration testing has usually required weeks of manual work, specialized tooling, and teams with narrow skill sets. Lyrie, an open-source autonomous security agent built by OTT Cybersecurity, compresses that process into a command line tool and publishes the entire codebase. The project reached version

Lyrie: Open-source autonomous pentesting agent Read More »

CERN’s open source KiCad library gives the world 17,000 circuit board components

CERN’s open source KiCad library gives the world 17,000 circuit board components 2026-05-14 at 11:16 By Sinisa Markovic CERN has released its complete KiCad component library under an open source license, making it available to hardware designers anywhere in the world. The library, maintained by CERN’s Design Office, contains more than 17,000 electronic components in

CERN’s open source KiCad library gives the world 17,000 circuit board components Read More »

KDE gets over €1 million investment to strengthen security and core infrastructure

KDE gets over €1 million investment to strengthen security and core infrastructure 2026-05-13 at 14:00 By Mirko Zorz European governments and public institutions have been shifting away from proprietary software for years, and the financial infrastructure supporting open-source alternatives is growing to match. Germany’s Sovereign Tech Fund announced today that it is investing more than

KDE gets over €1 million investment to strengthen security and core infrastructure Read More »

Fedora Hummingbird brings the container security model to a Linux host OS

Fedora Hummingbird brings the container security model to a Linux host OS 2026-05-13 at 02:05 By Anamarija Pogorelec Container image security pipelines have spent the past several years pushing toward minimal footprints, hermetic builds, and continuous CVE remediation. The Fedora Project is now applying that same approach to the host operating system. At Red Hat

Fedora Hummingbird brings the container security model to a Linux host OS Read More »

Six new dnsmasq vulnerabilities open the door to DNS cache poisoning, local root

Six new dnsmasq vulnerabilities open the door to DNS cache poisoning, local root 2026-05-12 at 14:18 By Sinisa Markovic Recent disclosures have revealed that open-source networking tool dnsmasq is grappling with a serious set of vulnerabilities. The problems span memory safety and input validation, with researchers identifying heap buffer overflows, heap corruption, and code execution

Six new dnsmasq vulnerabilities open the door to DNS cache poisoning, local root Read More »

Rustinel: Open-source endpoint detection for Windows and Linux

Rustinel: Open-source endpoint detection for Windows and Linux 2026-05-11 at 08:51 By Mirko Zorz Open-source endpoint detection has long been split between Windows-focused tools built around Sysmon and Linux tools built around eBPF or auditd. Defenders running mixed environments have had to stitch together separate pipelines, separate rule sets, and separate maintenance burdens. Rustinel, a

Rustinel: Open-source endpoint detection for Windows and Linux Read More »

Product showcase: NetGuard open-source firewall for Android

Product showcase: NetGuard open-source firewall for Android 2026-05-08 at 08:17 By Anamarija Pogorelec NetGuard is a free, open-source firewall for Android phones and tablets that provides users with a simple way to block internet access. Android does not allow VPN services to be chained, so the app uses the Android VPN service to route all

Product showcase: NetGuard open-source firewall for Android Read More »

Pipelock: Open-source AI agent firewall

Pipelock: Open-source AI agent firewall 2026-05-04 at 09:46 By Mirko Zorz AI coding agents run with shell access, environment variables containing API keys, and unrestricted internet connectivity, creating a single point of failure where one compromised tool call can leak credentials to an attacker-controlled domain. Pipelock, an open-source security harness developed by Joshua Waldrep under

Pipelock: Open-source AI agent firewall Read More »

Brush shell 0.4.0 tightens script safety, widens platform support

Brush shell 0.4.0 tightens script safety, widens platform support 2026-05-04 at 09:16 By Sinisa Markovic Rust-based alternatives to traditional Unix shells continue to attract users who want bash compatibility alongside built-in features like syntax highlighting and history-based suggestions. Brush, a bash- and POSIX-compatible shell written in Rust, sits in that group, and version 0.4.0 brings

Brush shell 0.4.0 tightens script safety, widens platform support Read More »

Cisco Releases Open Source Tool for AI Model Provenance 

Cisco Releases Open Source Tool for AI Model Provenance  2026-05-01 at 13:57 By Eduard Kovacs The new kit aims to address risks related to poisoned models, regulatory issues, supply chain integrity, and incident response. The post Cisco Releases Open Source Tool for AI Model Provenance  appeared first on SecurityWeek. This article is an excerpt from

Cisco Releases Open Source Tool for AI Model Provenance  Read More »

Open-source privacy proxy masks PII before prompts reach external AI services

Open-source privacy proxy masks PII before prompts reach external AI services 2026-05-01 at 11:49 By Sinisa Markovic Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often without a sanitization layer between the application and the API. Dataiku has released Kiji Privacy Proxy, an

Open-source privacy proxy masks PII before prompts reach external AI services Read More »

Cisco releases open-source toolkit for verifying AI model lineage

Cisco releases open-source toolkit for verifying AI model lineage 2026-04-30 at 16:02 By Mirko Zorz Enterprises pulling models from Hugging Face and other open repositories rarely keep records of how those models are altered after download, leaving organizations with little ability to confirm what they are running in production. The State of AI Security 2026

Cisco releases open-source toolkit for verifying AI model lineage Read More »

Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs

Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs 2026-04-30 at 15:31 By Anamarija Pogorelec Proxmox Backup Server 4.2 is a maintenance and feature update built on Debian 13.4 “Trixie” that adds S3-compatible object storage as a supported backend and introduces parallel processing for sync jobs. The server ships the new

Proxmox Backup Server 4.2 arrives with S3 storage support and parallel sync jobs Read More »

25 open-source cybersecurity tools that don’t care about your budget

25 open-source cybersecurity tools that don’t care about your budget 2026-04-27 at 10:30 By Anamarija Pogorelec Regardless of the operating system you use, managing secrets, apps, cloud, compliance, and security operations can be overwhelming. The free, open-source tools presented in this article can help you detect threats, increase visibility, enforce controls, and investigate and respond

25 open-source cybersecurity tools that don’t care about your budget Read More »

Scroll to Top