software
Obot MCP Gateway: Open-source platform to securely manage the adoption of MCP servers
Obot MCP Gateway is a free, open-source gateway that enables IT organizations to securely manage and scale adoption of Model Context Protocol (MCP) servers. MCPs are becoming …
Open-source flow monitoring with SENSOR: Benefits and trade-offs
Flow monitoring tools are useful for tracking traffic patterns, planning capacity, and spotting threats. But many off-the-shelf solutions come with steep licensing costs and …
EntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurations
EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues. It’s designed to help security …
WinRAR zero-day exploited by RomCom hackers in targeted attacks
ESET researchers have discovered a previously unknown vulnerability in WinRAR, exploited in the wild by Russia-aligned group RomCom. If you use WinRAR or related components …
Open-source server management platform Proxmox VE 9.0 released
Proxmox Virtual Environment (VE) 9.0 introduces advancements in both storage and networking capabilities, addressing critical enterprise demands. A highlight is the …
BloodHound 8.0 debuts with major upgrades in attack path management
SpecterOps has released BloodHound 8.0, the latest iteration of its open-source attack path management platform, featuring major enhancements and expanded capabilities. …
Open-source password recovery utility Hashcat 7.0.0 released
Hashcat is an open-source password recovery tool that supports five attack modes and more than 300 highly optimized hashing algorithms. It runs on CPUs, GPUs, and other …
Artemis: Open-source modular vulnerability scanner
Artemis is an open-source modular vulnerability scanner that checks different aspects of a website’s security and translates the results into easy-to-understand messages that …
Vulnhuntr: Open-source tool to identify remotely exploitable vulnerabilities
Vulnhuntr is an open-source tool that finds remotely exploitable vulnerabilities. It uses LLMs and static code analysis to trace how data moves through an application, from …
Autoswagger: Open-source tool to expose hidden API authorization flaws
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises …
Cervantes: Open-source, collaborative platform for pentesters and red teams
Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and …
Calico: Open-source solution for Kubernetes networking, security, and observability
Calico is an open-source unified platform that brings together networking, security, and observability for Kubernetes, whether you’re running in the cloud, on-premises, …
Featured news
Resources
Don't miss
- Building the missing layers for an internet of agents
- What security leaders should watch for when companies buy or sell a business
- Malicious Rust packages targeted Web3 developers
- Max-severity vulnerability in React, Node.js patched, update ASAP (CVE-2025-55182)
- Smart grids are trying to modernize and attackers are treating it like an invitation