More results...
Commix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments for researchers and ethical hackers. Commix features Easy to use: Commix simpl…
A sophisticated malware campaign leveraging GitHub repositories disguised as game modifications and cracked software has been uncovered, exposing a dangerous convergence of social engineering tactics and automated credential harvesting. Security resear…
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Kunai: Open-source threat hunting tool for Linux Kunai is an open-source tool that provides dee…
Kaspersky researchers have unearthed an extensive and long-running malware delivery campaign that exploited users’ propensity for downloading code from GitHub and using it without first verifying whether it’s malicious. “Over the cour…
GitVenom malware campaign targets gamers and crypto investors by posing as open-source projects on GitHub. Kaspersky researchers warn of a malware campaign, dubbed GitVenom, targeting GitHub users. The threat actors behind this campaign created hundreds of fake GitHub repositories with malicious code, disguising them as automation tools, crypto bots, and hacking utilities. The attackers used […]
DalFox is an open-source tool for automating the detection of XSS vulnerabilities. With powerful testing capabilities and a wide range of features, it makes scanning, analyzing parameters, and verifying vulnerabilities faster and easier. “The uni…
Kaspersky’s Securelist exposes the GitVenom campaign involving fake GitHub repositories to distribute malware. Targeting developers with seemingly legitimate…
The GitVenom campaign, a sophisticated cyber threat, has been exploiting GitHub repositories to spread malware and steal cryptocurrency. This campaign involves creating hundreds of fake GitHub repositories that appear legitimate but contain malicious c…
Misconfig Mapper is an open-source CLI tool built in Golang that discovers and enumerates instances of services used within your organization. It performs large-scale detection and misconfiguration assessments, leveraging customizable templates with de…
ESET researchers have uncovered a series of malicious activities orchestrated by a North Korea-aligned group known as DeceptiveDevelopment, active since early 20241. The cybercriminals pose as company recruiters, enticing freelance software developers …