open source

Strix: Open-source AI agents for penetration testing

Strix: Open-source AI agents for penetration testing 2025-11-17 at 16:32 By Sinisa Markovic Security teams know that application flaws tend to show up at the worst time. Strix presents itself as an open source way to catch them earlier by using autonomous agents that behave like human attackers. These agents run code, explore an application, […]

Strix: Open-source AI agents for penetration testing Read More »

Sprout: Open-source bootloader built for speed and security

Sprout: Open-source bootloader built for speed and security 2025-11-13 at 08:26 By Sinisa Markovic Sprout is an open-source bootloader that delivers sub-second boot times and uses a clean, data-driven configuration format that works across operating systems. “We built Sprout because we were frustrated by how fragile and slow traditional bootloaders are,” said Alex Zenla, CTO

Sprout: Open-source bootloader built for speed and security Read More »

ProxyBridge: Open-source proxy routing for Windows applications

ProxyBridge: Open-source proxy routing for Windows applications 2025-11-12 at 10:44 By Sinisa Markovic ProxyBridge is a lightweight, open-source tool that lets Windows users route network traffic from specific applications through SOCKS5 or HTTP proxies. It can redirect both TCP and UDP traffic and gives users the option to route, block, or allow connections on a

ProxyBridge: Open-source proxy routing for Windows applications Read More »

GNU Coreutils 9.9 brings fixes and updates across essential tools

GNU Coreutils 9.9 brings fixes and updates across essential tools 2025-11-11 at 16:59 By Anamarija Pogorelec GNU Coreutils is the backbone of many enterprise Linux environments. It provides the basic file, shell, and text utilities that every GNU-based system depends on. The latest release, version 9.9, refines these tools with fixes and performance improvements. Several

GNU Coreutils 9.9 brings fixes and updates across essential tools Read More »

sqlmap: Open-source SQL injection and database takeover tool

sqlmap: Open-source SQL injection and database takeover tool 2025-11-10 at 11:28 By Sinisa Markovic Finding and exploiting SQL injection vulnerabilities is one of the oldest and most common steps in web application testing. sqlmap streamlines this process. It is an open-source penetration testing tool that automates the detection and exploitation of SQL injection flaws and

sqlmap: Open-source SQL injection and database takeover tool Read More »

OpenGuardrails: A new open-source model aims to make AI safer for real-world use

OpenGuardrails: A new open-source model aims to make AI safer for real-world use 2025-11-06 at 10:28 By Mirko Zorz When you ask a large language model to summarize a policy or write code, you probably assume it will behave safely. But what happens when someone tries to trick it into leaking data or generating harmful

OpenGuardrails: A new open-source model aims to make AI safer for real-world use Read More »

PortGPT: How researchers taught an AI to backport security patches automatically

PortGPT: How researchers taught an AI to backport security patches automatically 2025-11-05 at 09:07 By Mirko Zorz Keeping older software versions secure often means backporting patches from newer releases. It is a routine but tedious job, especially for large open-source projects such as the Linux kernel. A new research effort has built a tool that

PortGPT: How researchers taught an AI to backport security patches automatically Read More »

VulnRisk: Open-source vulnerability risk assessment platform

VulnRisk: Open-source vulnerability risk assessment platform 2025-11-05 at 09:07 By Anamarija Pogorelec VulnRisk is an open-source platform for vulnerability risk assessment. It goes beyond basic CVSS scoring by adding context-aware analysis that reduces noise and highlights what matters. The tool is free to use and designed for local development and testing. The platform’s scoring engine

VulnRisk: Open-source vulnerability risk assessment platform Read More »

Financial services can’t shake security debt

Financial services can’t shake security debt 2025-11-04 at 07:30 By Anamarija Pogorelec In financial services, application security risk is becoming a long game. Fewer flaws appear in new code, but old ones linger longer, creating a kind of software “interest” that keeps growing, according to Veracode’s 2025 State of Software Security report. Researchers analyzed data

Financial services can’t shake security debt Read More »

Heisenberg: Open-source software supply chain health check tool

Heisenberg: Open-source software supply chain health check tool 2025-11-03 at 08:30 By Mirko Zorz Heisenberg is an open-source tool that checks the health of a software supply chain. It analyzes dependencies using data from deps.dev, Software Bills of Materials (SBOMs), and external advisories to measure package health, detect risks, and generate reports for individual dependencies

Heisenberg: Open-source software supply chain health check tool Read More »

Shadow AI: New ideas emerge to tackle an old problem in new form

Shadow AI: New ideas emerge to tackle an old problem in new form 2025-10-31 at 09:13 By Zeljka Zorz Shadow AI is the second-most prevalent form of shadow IT in corporate environments, 1Password’s latest annual report has revealed. Based on a survey of over 5,000 IT/security professionals and knowledge workers in the US, UK, Europe,

Shadow AI: New ideas emerge to tackle an old problem in new form Read More »

Python Foundation rejects US government grant earmarked for security improvements

Python Foundation rejects US government grant earmarked for security improvements 2025-10-29 at 14:23 By Zeljka Zorz The Python Software Foundation (PSF) has rejected a $1.5 million government grant due to restrictive conditions that would force the foundation to betray its mission and its community, the programming non-profit announced on Monday. “In January 2025, the PSF

Python Foundation rejects US government grant earmarked for security improvements Read More »

Proximity: Open-source MCP security scanner

Proximity: Open-source MCP security scanner 2025-10-29 at 08:29 By Mirko Zorz Proximity is a new open-source tool that scans Model Context Protocol (MCP) servers. It identifies the prompts, tools, and resources that a server makes available, and it can evaluate how those elements might introduce security risks. The tool also work with NOVA, a rule

Proximity: Open-source MCP security scanner Read More »

Chainguard Raises $280 Million in Growth Funding

Chainguard Raises $280 Million in Growth Funding 2025-10-27 at 17:14 By Eduard Kovacs Chainguard has raised $636 million in the past six months alone for its software supply chain security solutions.  The post Chainguard Raises $280 Million in Growth Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source

Chainguard Raises $280 Million in Growth Funding Read More »

Dependency-Track: Open-source component analysis platform

Dependency-Track: Open-source component analysis platform 2025-10-27 at 08:46 By Sinisa Markovic Software is a patchwork of third-party components, and keeping tabs on what’s running under the hood has become a challenge. The open-source platform Dependency-Track tackles that problem head-on. Rather than treating software composition as a one-time scan, it continuously monitors every version of every

Dependency-Track: Open-source component analysis platform Read More »

Wireshark 4.6.0 brings major updates for packet analysis and decryption

Wireshark 4.6.0 brings major updates for packet analysis and decryption 2025-10-23 at 17:10 By Anamarija Pogorelec If you’ve ever used Wireshark to dig into network traffic you know how vital even small upgrades can be. With version 4.6.0 the team behind the open-source network protocol analyzer has added a number of features that could change

Wireshark 4.6.0 brings major updates for packet analysis and decryption Read More »

OpenFGA: The open-source engine redefining access control

OpenFGA: The open-source engine redefining access control 2025-10-22 at 15:13 By Sinisa Markovic OpenFGA is an open-source, high-performance, and flexible authorization engine inspired by Google’s Zanzibar system for relationship-based access control. It helps developers model and enforce fine-grained access control in their applications. At its core, OpenFGA enables teams to define who can do what

OpenFGA: The open-source engine redefining access control Read More »

Nodepass: Open-source TCP/UDP tunneling solution

Nodepass: Open-source TCP/UDP tunneling solution 2025-10-20 at 13:18 By Sinisa Markovic When you think of network tunneling, “lightweight” and “enterprise-grade” rarely appear in the same sentence. NodePass, an open-source project, wants to change that. It’s a compact but powerful TCP/UDP tunneling solution built for DevOps teams and system administrators who need to manage complex network

Nodepass: Open-source TCP/UDP tunneling solution Read More »

Maltrail: Open-source malicious traffic detection system

Maltrail: Open-source malicious traffic detection system 2025-10-15 at 08:30 By Sinisa Markovic Maltrail is an open-source network traffic detection system designed to spot malicious or suspicious activity. It works by checking traffic against publicly available blacklists, as well as static lists compiled from antivirus reports and user-defined sources. These “trails” can include domain names, URLs,

Maltrail: Open-source malicious traffic detection system Read More »

Nagios: Open-source monitoring solution

Nagios: Open-source monitoring solution 2025-10-10 at 08:19 By Anamarija Pogorelec Nagios is an open-source monitoring solution, now included as part of the robust Nagios Core Services Platform (CSP). It delivers end-to-end visibility across the entire IT infrastructure, covering everything from websites and DNS to servers, routers, switches, workstations, and critical services. It helps organizations proactively

Nagios: Open-source monitoring solution Read More »

Scroll to Top