open source
High severity vulnerabilities found in Harbor open-source artifact registry
Oxeye security researchers have uncovered several new high severity variants of the IDOR (Insecure Director Object Reference) vulnerabilities (CVE-2022-31671, CVE-2022-31666, …
Government guide for supply chain security: The good, the bad and the ugly
Just as developers and security teams were getting ready to take a breather and fire up the BBQ for the holiday weekend, the U.S.’s most prestigious security agencies (NSA, …
Nmap 7.93, the 25th anniversary edition, has been released
Nmap is a widely used free and open-source network scanner. It’s used for network inventorying, port scanning, managing service upgrade schedules, monitoring host or …
Google invites bug hunters to scrutinize its open source projects
Google wants to improve the security of its open source projects and those projects’ third-party dependencies by offering rewards for bugs found in them. …
5 open-source vulnerability assessment tools to try out
A vulnerability assessment is a methodical examination of network infrastructure, computer systems, and software with the goal of identifying and addressing known security …
NetworkManager 1.40 released, features 600 patches
NetworkManager attempts to keep an active network connection available at all times. The point of NetworkManager is to make networking configuration and setup as painless and …
Phishing PyPI users: Attackers compromise legitimate projects to push malware
PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …
DevSpace 6: Client-only developer tool for cloud-native development with Kubernetes
Loft Labs released DevSpace 6, open-source software for Kubernetes that enables users to develop, troubleshoot and deploy cloud-native software faster. DevSpace is a …
7 open-source malware analysis tools you should try out
There are two main types of malware analysis: static and dynamic. Performing static analysis of a malicious binary means concentrating on analyizing its code without executing …
OpenFHE: Open-Source Fully Homomorphic Encryption
Fully Homomorphic Encryption (FHE) is a cryptographic primitive that enables performing computations over encrypted data without having access to the secret key. In this Help …
SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow
In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines …
AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters
Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web …
Featured news
Sponsored
Don't miss
- Most people still rely on memory or pen and paper for password management
- What AI can tell organizations about their M&A risk
- Breaking down the numbers: Cybersecurity funding activity recap
- Applying DevSecOps principles to machine learning workloads
- Overcoming GenAI challenges in healthcare cybersecurity