More results...
This month’s roundup features exceptional open-source cybersecurity tools that are gaining attention for strengthening security across various environments. Vuls: Open-source agentless vulnerability scanner Vuls is an open-source tool that helps users …
A critical vulnerability in the widely-used GitHub MCP integration, boasting over 14,000 stars on GitHub, has been uncovered by Invariant Labs, posing a severe risk to users’ private repository data. This flaw, identified through Invariant’s automated …
SilverRAT Source Code leaked on GitHub, exposing powerful malware tools for remote access, password theft, and crypto attacks before removal.
LlamaFirewall is a system-level security framework for LLM-powered applications, built with a modular design to support layered, adaptive defense. It is designed to mitigate a wide spectrum of AI agent security risks including jailbreaking and indirect…
AutoPatchBench is a new benchmark that tests how well AI tools can fix code bugs. It focuses on C and C++ vulnerabilities found through fuzzing. The benchmark includes 136 real bugs and their verified fixes, taken from the ARVO dataset. Patch generatio…
A alarming cybersecurity report by Nisos has uncovered a sophisticated employment scam network potentially affiliated with the Democratic People’s Republic of Korea (DPRK). This network targets remote engineering and full-stack blockchain developer rol…
Hanko is an open-source, API-first authentication solution purpose-built for the passwordless era. “We focus on helping developers and organizations modernize their authentication flows by migrating users towards passkeys, while still supporting …
Cerbos is an open-source solution designed to simplify and modernize access control for cloud-native, microservice-based applications. Instead of hardcoding authorization logic into your application, Cerbos lets you write flexible, context-aware access…
SPIRE is a graduated project of the Cloud Native Computing Foundation (CNCF). It’s a production-ready implementation of the SPIFFE APIs that handles node and workload attestation to securely issue SVIDs to workloads and verify the SVIDs of other …
Managing multiple AWS accounts in an organization can get complicated, especially when trying to understand how services and permissions are connected. The Account Assessment for AWS Organizations open-source tool helps simplify this process by giving …