software
The top 7 improvements in Nmap 7
Nmap 7 is the product of three and a half years of work, nearly 3200 code commits, and more than a dozen point releases since the big Nmap 6 release in May 2012.The top 7 …
PwnBin: A script for scraping Pastebin for leaked API keys, SSH credentials
Pastebins, apart from being a great help for programmers as they offer a place where one can store text online for a set period of time and share it with others, are also …

Inside the largely unexplored world of mainframe security
The security of mainframe computers – the so-called “big iron”, which is mainly used by large organizations for critical applications, bulk data and …
Bug in Android Gmail app allows effective email spoofing
Yan Zhu, a Technology Fellow at the Electronic Frontier Foundation, has unearthed a flaw in the Gmail Android app that can lead to very effective phishing attacks.The flaw is …
Open source Twittor tool can control botnets via Direct Messages
A security researcher has created a tool that allows botnet masters to control their botnet by simply sending out commands via Twitter accounts.“I mostly wanted to …
Trojanized versions of 20,000 popular apps found secretly rooting Android devices
Lookout researchers have discovered some 20,000 apps that secretly root users’ phone and install themselves as system applications, which makes them able to access …
Firefox 42 is out, with many privacy and security improvements
Mozilla has released Firefox 42, and with it, a new feature that should increase user privacy online.It’s called Tracking Protection and it’s incorporated into the …
Open source tool checks for vulnerabilities on Android devices
OEMs like Samsung and HTC run heavily customized versions of Android. Unfortunately, the OEM patch deployment infrastructure is disorganized and too often end users are left …
Signal for Android finally out, offers end-to-end encrypted calls and messages
Open Whisper Systems (formerly Whisper Systems) has finally released the Android version of its popular free, open source iOS app for end-to-end encrypted voice calls.Signal …
Open source KeeFarce tool loots encrypted passwords stored in KeePass
Denis Andzakovic, a hacker and researcher with New Zealand-based security consultancy Security-Assessment.com, has released the source code for KeeFarce, a tool that can …
Hacking Team pitches encryption-cracking tools to US law enforcement
Hacking Team, the Italian company that provides offensive intrusion and surveillance software to governments, intelligence and law enforcement agencies, is back in the saddle, …
Xen Project plugs critical host hijacking flaw, patch ASAP
The latest security update (XSA-145 through 153) for the popular Xen virtualization software fixes nine issues. Eight of them can lead to Denial of Service, but the ninth is …
Featured news
Resources
Don't miss
- Data-stealing VS Code extensions removed from official Marketplace
- Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322)
- What good threat intelligence looks like in practice
- AutoPatchBench: Meta’s new way to test AI bug fixing tools
- Third-party cyber risks and what you can do