Cybercriminals used a gaming engine to create undetectable malware loader
Threat actors are using an ingenious new way for covertly delivering malware to a wide variety of operating systems and platforms: they have created a malware loader that uses …
Hottest cybersecurity open-source tools of the month: November 2024
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. ScubaGear …
Deploy a SOC using Kali Linux in AWS
The Kali SOC in AWS project is a Terraform-based implementation that enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for …
AxoSyslog: Open-source scalable security data processor
AxoSyslog is a syslog-ng fork, created and maintained by the original creator of syslog-ng, Balazs Scheidler, and his team. “We first started by making syslog-ng more …
GitHub Secure Open Source Fund: Project maintainers, apply now!
GitHub is calling on maintainers of open source projects to apply for the newly opened Secure Open Source Fund, to get funding and knowledge to improve the security and …
Open-source and free Android password managers that prioritize your privacy
We’re often told to use strong, unique passwords, especially for important accounts like email, banking, and social media. However, managing different passwords for numerous …
ScubaGear: Open-source tool to assess Microsoft 365 configurations for security gaps
ScubaGear is an open-source tool the Cybersecurity and Infrastructure Security Agency (CISA) created to automatically evaluate Microsoft 365 (M365) configurations for …
GoIssue phishing tool targets GitHub developer credentials
Researchers discovered GoIssue, a new phishing tool targeting GitHub users, designed to extract email addresses from public profiles and launch mass email attacks. Marketed on …
Powerpipe: Open-source dashboards for DevOps
Powerpipe is an open-source solution designed to streamline DevOps management with powerful visualization and compliance tools, making it simple to track, assess, and act on …
Am I Isolated: Open-source container security benchmark
Am I Isolated is an open-source container security benchmark that probes users’ runtime environments and tests for container isolation. The Rust-based container runtime …
Osmedeus: Open-source workflow engine for offensive security
Osmedeus is an open-source workflow engine designed for offensive security. It serves as a versatile foundation, enabling users to easily create customized reconnaissance …
Whispr: Open-source multi-vault secret injection tool
Whispr is an open-source CLI tool designed to securely inject secrets from secret vaults, such as AWS Secrets Manager and Azure Key Vault, directly into your application’s …
Featured news
Resources
Don't miss
- What cybersecurity leaders are reading to stay ahead
- Cisco email security appliances rooted and backdoored via still unpatched zero-day
- Exploited SonicWall zero-day patched (CVE-2025-40602)
- Attackers are exploiting auth bypass vulnerability on FortiGate firewalls (CVE-2025-59718)
- Why vulnerability reports stall inside shared hosting companies