open source
Government guide for supply chain security: The good, the bad and the ugly
Just as developers and security teams were getting ready to take a breather and fire up the BBQ for the holiday weekend, the U.S.’s most prestigious security agencies (NSA, …
Nmap 7.93, the 25th anniversary edition, has been released
Nmap is a widely used free and open-source network scanner. It’s used for network inventorying, port scanning, managing service upgrade schedules, monitoring host or …
Google invites bug hunters to scrutinize its open source projects
Google wants to improve the security of its open source projects and those projects’ third-party dependencies by offering rewards for bugs found in them. …
5 open-source vulnerability assessment tools to try out
A vulnerability assessment is a methodical examination of network infrastructure, computer systems, and software with the goal of identifying and addressing known security …
NetworkManager 1.40 released, features 600 patches
NetworkManager attempts to keep an active network connection available at all times. The point of NetworkManager is to make networking configuration and setup as painless and …
Phishing PyPI users: Attackers compromise legitimate projects to push malware
PyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users. “We have additionally determined that …
DevSpace 6: Client-only developer tool for cloud-native development with Kubernetes
Loft Labs released DevSpace 6, open-source software for Kubernetes that enables users to develop, troubleshoot and deploy cloud-native software faster. DevSpace is a …
7 open-source malware analysis tools you should try out
There are two main types of malware analysis: static and dynamic. Performing static analysis of a malicious binary means concentrating on analyizing its code without executing …
OpenFHE: Open-Source Fully Homomorphic Encryption
Fully Homomorphic Encryption (FHE) is a cryptographic primitive that enables performing computations over encrypted data without having access to the secret key. In this Help …
SquarePhish: Advanced phishing tool combines QR codes and OAuth 2.0 device code flow
In this Help Net Security video, Security Consultant Kam Talebzadeh and Senior Security Researcher Nevada Romsdahl from Secureworks, showcase SquarePhish, a tool that combines …
AWSGoat: Easy to deploy vulnerable AWS infrastructure for pentesters
Compromising an organization’s cloud infrastructure is like sitting on a gold mine for attackers. And sometimes, a simple misconfiguration or a vulnerability in web …
Kali Linux 2022.3 released: Packages for test labs, new tools, and a community Discord server
Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. Packaged apps to set up test labs The …
Featured news
Resources
Don't miss
- WatchGuard Firebox firewalls under attack (CVE-2025-14733)
- Docker makes hardened images free open and transparent for everyone
- 574 arrests, $3 million recovered in Africa-wide cybercrime crackdown
- Building cyber talent through competition, residency, and real-world immersion
- Browser agents don’t always respect your privacy choices