open source
Flaw in Notepad++ installer could grant attackers SYSTEM access (CVE-2025-49144)
A high-severity vulnerability (CVE-2025-49144) in the Notepad++ installer could be exploited by unprivileged users to gain SYSTEM-level privileges through insecure executable …
Reconmap: Open-source vulnerability assessment, pentesting management platform
Reconmap is an open source tool for vulnerability assessments and penetration testing. It helps security teams plan, carry out, and report on security tests from start to …
Amazon Linux 2023 achieves FIPS 140-3 validation
Amazon Linux 2023 (AL2023) has earned FIPS 140-3 Level 1 validation for several of its cryptographic modules. This means it’s now approved for use in systems that need …
35 open-source security tools to power your red team, SOC, and cloud security
This article showcases free, open-source security tools that support your organization’s teams in red teaming, threat hunting, incident response, vulnerability scanning, and …
Free AI coding security rules now available on GitHub
Developers are turning to AI coding assistants to save time and speed up their work. But these tools can also introduce security risks if they suggest flawed or unsafe code. …
MDEAutomator: Open-source endpoint management, incident response in MDE
Managing endpoints and responding to security incidents in Microsoft Defender for Endpoint (MDE) can be time-consuming and complex. MDEAutomator is an open-source tool …
Kali Linux 2025.2 delivers Bloodhound CE, CARsenal, 13 new tools
OffSec has released Kali Linux 2025.2, the most up-to-date version of the widely used penetration testing and digital forensics platform. KDE Plasma 6.3 in Kali Linux 2025.2 …
OWASP Nettacker: Open-source scanner for recon and vulnerability assessment
OWASP Nettacker is a free, open-source tool designed for network scanning, information gathering, and basic vulnerability assessment. Built and maintained by the OWASP …
fiddleitm: Open-source mitmproxy add-on identifies malicious web traffic
fiddleitm is an open-source tool built on top of mitmproxy that helps find malicious web traffic. It works by checking HTTP requests and responses for known patterns that …
Meta open-sources AI tool to automatically classify sensitive documents
Meta has released an open source AI tool called Automated Sensitive Document Classification. It was originally built for internal use and is designed to find sensitive …
Vet: Open-source software supply chain security tool
Vet is an open source tool designed to help developers and security engineers spot risks in their software supply chains. It goes beyond traditional software composition …
48% of security pros are falling behind compliance requirements
32% of security professionals think they can deliver zero-vulnerability software despite rising threats and compliance regulations, according to Lineaje. Meanwhile, 68% are …
Featured news
Resources
Don't miss
- CERT UEFI Parser: Open-source tool exposes UEFI architecture to uncover vulnerabilities
- Why prevention-first secrets security will define enterprise scale: Learnings from a leading telecom
- Fortinet starts patching exploited FortiCloud SSO zero-day (CVE-2026-24858)
- Attackers use Windows App-V scripts to slip infostealer past enterprise defenses
- Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)