More results...
EntraGoat is a purpose-built tool that sets up a vulnerable Microsoft Entra ID environment to mimic real-world identity security issues. It’s designed to help security professionals practice spotting and exploiting common misconfigurations. The tool cr…
Concentric AI announced new integrations that enhance the AI-driven capabilities of its Semantic Intelligence data security governance platform, expanding data governance functionality for organizations. Concentric AI’s new integration with Wiz, gives …
SpecterOps has released BloodHound 8.0, the latest iteration of its open-source attack path management platform, featuring major enhancements and expanded capabilities. BloodHound OpenGraph The release introduces BloodHound OpenGraph, a major advanceme…
Hashcat is an open-source password recovery tool that supports five attack modes and more than 300 highly optimized hashing algorithms. It runs on CPUs, GPUs, and other hardware accelerators across Linux, Windows, and macOS, and includes features for d…
A sophisticated cyberattack campaign disrupted the Russian IT industry and entities in several other countries, leveraging advanced evasion techniques to deploy the notorious Cobalt Strike Beacon. Attackers ingeniously concealed payload information wit…
Artemis is an open-source modular vulnerability scanner that checks different aspects of a website’s security and translates the results into easy-to-understand messages that can be shared with the organizations being scanned. “The most important…
GitHub experienced a significant global outage on July 28-29, 2025, disrupting core services used by millions of developers worldwide. The incident, which lasted approximately eight hours, affected API requests, Issues, and Pull Requests functionality …
Vulnhuntr is an open-source tool that finds remotely exploitable vulnerabilities. It uses LLMs and static code analysis to trace how data moves through an application, from user input to server output. This helps it spot complex, multi-step vulnerabili…
A hacker injected a malicious prompt into Amazon Q via GitHub, aiming to delete user files and wipe AWS data, exposing a major security flaw.
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises with mature security teams, and are especially dangerous because they can be ex…