
Acra: Open-source database protection with field-level encryption and intrusion detection
Cossack Labs updated its flagship open-source product Acra database security suite to version 0.90.0 and made many of its core security features previously available only for …

GitHub fixed serious npm registry vulnerability, will mandate 2FA use for certain accounts
GitHub has fixed a serious vulnerability that would have allowed attackers to publish new, malicious versions of any existing package on the npm registry. About the fixed …

Dependency Combobulator: Open source toolkit to combat dependency confusion attacks
Apiiro released Dependency Combobulator, a modular and extensible open source toolkit to detect and prevent dependency confusion attacks. The toolkit, available on GitHub, …

Popular npm package hijacked, modified to deliver cryptominers
Several versions of the npm package for UA-parser.js, a widely used JavaScript library, have been modified to include malicious code and have been made available for download. …

ThreatMapper: Open source platform for scanning runtime environments
Deepfence announced open source availability of ThreatMapper, a signature offering that automatically scans, maps and ranks application vulnerabilities across serverless, …

KuberLogic open-source platform turns infrastructure into a managed PaaS
CloudLinux launched a new open-core project – KuberLogic – software that allows DevOps to set up scalable, self-healing PaaS on top of your Kubernetes cluster. Available on …

ARMO adds MITRE ATT&CK framework to its open-source Kubernetes testing tool
ARMO released an expanded version Kubescape, an open-source testing tool for Kubernetes environments that is compliant with the standards set forth in the Kubernetes Hardening …

YubiKey Bio Series supports fingerprint recognition for passwordless and second factor logins
Yubico launched YubiKey Bio Series, the first YubiKey series that supports fingerprint recognition for secure passwordless and second factor logins. Built for biometric …
NeuVector launches configuration assessment tool for enterprise container security
NeuVector released its configuration posture management and deployment assessment tool for Kubernetes resources. The new tool – available as part of the NeuVector container …
HackerOne updates Internet Bug Bounty program to improve the security of open source software
HackerOne announced the next evolution of the Internet Bug Bounty (IBB) program at the company’s annual Security conference. The IBB’s mission is to secure open source by …
Sentry’s capabilities enable enterprise teams to reduce risk and management overhead
Sentry announced new capabilities that reduce management overhead and accelerate issue response times for enterprise development teams. With percent-based alerts, Code Owners …
Granulate gProfiler provides support to Graviton processors to improve code quality
Granulate announced the latest addition to its gProfiler, which now provides support to Graviton processors. With this new addition to gProfiler, organizations running …
Featured news
Resources
Don't miss
- Attackers compromise IIS servers by leveraging exposed ASP.NET machine keys
- Self-sovereign identity could transform fraud prevention, but…
- Ghidra 11.3 released: New features, performance improvements, bug fixes
- Ransomware payments plummet as more victims refuse to pay
- The overlooked risks of poor data hygiene in AI-driven organizations