software

Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab

Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab 2026-04-15 at 08:18 By Anamarija Pogorelec Misconfigured source code management platforms remain a common entry point in software supply chain attacks, and organizations often lack visibility into which settings put them at risk. Legitify, an open-source tool from Legit Security, addresses that gap by scanning […]

Legitify: Open-source scanner for security misconfigurations on GitHub and GitLab Read More »

OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support

OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support 2026-04-14 at 18:57 By Anamarija Pogorelec OpenSSL 4.0.0 removes several long-deprecated features, adds support for Encrypted Client Hello, and introduces API-level changes that will require code updates for applications built against older versions. SSLv3, SSLv2 client hello, and engines are gone SSLv3 support has been

OpenSSL 4.0.0 release cuts deprecated protocols and gains post-quantum support Read More »

DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend

DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend 2026-04-14 at 16:21 By Anamarija Pogorelec Organizations that run DavMail to bridge standard mail clients to Microsoft Exchange or Office 365 received an update this week. Version 6.6.0 addresses a code-scanning alert tied to a regex vulnerability, adjusts OAuth redirect handling to match

DavMail 6.6.0 patches a regex flaw and advances its Microsoft Graph backend Read More »

ZeroID: Open-source identity platform for autonomous AI agents

ZeroID: Open-source identity platform for autonomous AI agents 2026-04-13 at 09:02 By Mirko Zorz ZeroID is an open-source identity platform that implements an identity and credentialing layer specifically for autonomous agents and multi-agent systems. The attribution problem The core issue ZeroID targets is attribution in agentic workflows. When an orchestrator agent spawns sub-agents to carry

ZeroID: Open-source identity platform for autonomous AI agents Read More »

Little Snitch for Linux shows what your apps are connecting to

Little Snitch for Linux shows what your apps are connecting to 2026-04-10 at 11:48 By Mirko Zorz Network monitoring on Linux has long been a gap for users who want per-process visibility into outbound connections. Existing tools either operate at the command line or were designed for server security rather than desktop privacy. Objective Development,

Little Snitch for Linux shows what your apps are connecting to Read More »

Asqav: Open-source SDK for AI agent governance

Asqav: Open-source SDK for AI agent governance 2026-04-09 at 08:27 By Mirko Zorz AI agents are executing consequential tasks autonomously, often across multiple systems and with little record of what they did or why. Asqav, a Python SDK released under the MIT license, addresses that gap by attaching a cryptographic signature to each agent action

Asqav: Open-source SDK for AI agent governance Read More »

Flatpak 1.16.4 fixes sandbox escape and three other security flaws

Flatpak 1.16.4 fixes sandbox escape and three other security flaws 2026-04-08 at 12:16 By Anamarija Pogorelec Flatpak, a Linux application sandboxing and distribution framework, released version 1.16.4, patching four security vulnerabilities. The most severe fix addresses a complete sandbox escape that leads to host file access and code execution in the host context, tracked as

Flatpak 1.16.4 fixes sandbox escape and three other security flaws Read More »

Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app

Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app 2026-04-06 at 09:16 By Anamarija Pogorelec Proton Authenticator is a free and open-source two-factor authentication (2FA) app that generates time-based one-time passwords (TOTP) to help secure online accounts. It is available on Windows, macOS, Linux, iOS, and Android, allowing users to access their

Product showcase: Proton Authenticator is an end-to-end encrypted, open source 2FA app Read More »

Microsoft releases open-source toolkit to govern autonomous AI agents

Microsoft releases open-source toolkit to govern autonomous AI agents 2026-04-03 at 08:39 By Anamarija Pogorelec AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each step. Frameworks like LangChain, AutoGen, CrewAI, and Azure AI Foundry Agent Service have made this kind of autonomy straightforward to

Microsoft releases open-source toolkit to govern autonomous AI agents Read More »

OpenSSH 10.3 patches five security bugs and drops legacy rekeying support

OpenSSH 10.3 patches five security bugs and drops legacy rekeying support 2026-04-02 at 18:58 By Anamarija Pogorelec OpenSSH 10.3 shipped carrying five security fixes alongside feature additions and a set of behavior changes that will break compatibility with older SSH implementations that do not support rekeying. Rekeying compatibility removed SSH clients and servers that lack

OpenSSH 10.3 patches five security bugs and drops legacy rekeying support Read More »

Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step

Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step 2026-03-31 at 15:43 By Sinisa Markovic The open-source spam filtering platform Rspamd released version 4.0.0, delivering infrastructure changes across its scan protocol, memory model, hash storage, and configuration system. Several of the changes are breaking, and at least one requires a

Rspamd 4.0.0 ships memory savings, a new scan protocol, and a required migration step Read More »

Hottest cybersecurity open-source tools of the month: March 2026

Hottest cybersecurity open-source tools of the month: March 2026 2026-03-31 at 07:37 By Anamarija Pogorelec Presented here is a curated selection of noteworthy open-source cybersecurity solutions that have drawn recognition for their ability to enhance security postures across diverse settings. BlacksmithAI: Open-source AI-powered penetration testing framework BlacksmithAI is an open-source penetration testing framework that uses

Hottest cybersecurity open-source tools of the month: March 2026 Read More »

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools 2026-03-30 at 10:37 By Anamarija Pogorelec Bootable Linux recovery environments occupy a specific niche in the systems administration and incident response toolkit. SystemRescue, an Arch-based live distribution built for repairing unbootable systems and recovering data from damaged drives, has shipped version 13.00

SystemRescue 13 updates its kernel to Linux 6.18 LTS, adds new recovery tools Read More »

ShipSec Studio brings open-source workflow orchestration to security operations

ShipSec Studio brings open-source workflow orchestration to security operations 2026-03-30 at 08:04 By Anamarija Pogorelec Security teams have long relied on a mix of shell scripts, cron jobs, and loosely connected tools to chain reconnaissance and vulnerability scanning work together. ShipSec Studio, an open-source security workflow automation platform from ShipSec AI, aims to replace that

ShipSec Studio brings open-source workflow orchestration to security operations Read More »

Tails 7.6 ships automatic Tor bridge retrieval and a new password manager

Tails 7.6 ships automatic Tor bridge retrieval and a new password manager 2026-03-27 at 01:05 By Anamarija Pogorelec Tails 7.6 is out, and for users operating on networks that block Tor, the most consequential addition is built-in bridge retrieval. The Tor Connection assistant can now detect when a direct connection to Tor is restricted and

Tails 7.6 ships automatic Tor bridge retrieval and a new password manager Read More »

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps 2026-03-23 at 09:18 By Anamarija Pogorelec GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose protection settings, and required templates go missing. An open-source tool called Plumber automates the detection of

Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps Read More »

Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults

Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults 2026-03-19 at 10:35 By Sinisa Markovic Samba 4.24.0 arrived carrying a set of Kerberos security changes aimed at Active Directory deployments. The release fixes a vulnerability, extends audit coverage for sensitive AD attributes, and introduces configuration options to counter two related Kerberos

Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults Read More »

Betterleaks: Open-source secrets scanner

Betterleaks: Open-source secrets scanner 2026-03-19 at 09:02 By Anamarija Pogorelec Secrets scanning has become standard practice across engineering organizations, and Gitleaks has been one of the most widely used tools in that space. The author of that project has now released a new tool called Betterleaks, which is designed to scan git repositories, directories, and

Betterleaks: Open-source secrets scanner Read More »

VulHunt: Open-source vulnerability detection framework

VulHunt: Open-source vulnerability detection framework 2026-03-16 at 07:40 By Anamarija Pogorelec Binarly has published VulHunt Community Edition, making the core scanning engine from Binarly’s commercial Transparency Platform available to independent researchers and practitioners. What VulHunt does VulHunt Community Edition is a framework for detecting vulnerabilities in compiled software. It operates against multiple binary representations simultaneously,

VulHunt: Open-source vulnerability detection framework Read More »

Scroll to Top