open source
Tails 7.6 ships automatic Tor bridge retrieval and a new password manager
Tails 7.6 is out, and for users operating on networks that block Tor, the most consequential addition is built-in bridge retrieval. The Tor Connection assistant can now detect …
LiteLLM PyPI packages compromised in expanding TeamPCP supply chain attacks
A slew of supply chain attacks against popular open source tools and packages appears to have been orchestrated by TeamPCP, a cybercriminal group that rose to prominence in …
Kali Linux 2026.1 ships BackTrack mode, eight new tools, and a kernel upgrade to 6.18
Penetration testers running Kali Linux have a new release to work with. Version 2026.1 delivers the annual theme refresh, a new BackTrack-inspired mode in kali-undercover, …
NVIDIA puts GPU orchestration in community hands
GPU-accelerated AI workloads now run on Kubernetes in the large majority of enterprise environments. Managing those workloads at scale has required specialized tooling that, …
GitHub just made it much harder to ship a vulnerable pull request
GitHub is expanding its application security capabilities with AI-powered security detections designed to identify risks earlier in the development process, with public …
Plumber: Open-source scanner of GitLab CI/CD pipelines for compliance gaps
GitLab CI/CD pipelines often accumulate configuration decisions that drift from security baselines over time. Container images get pinned to mutable tags, branches lose …
Llamafile, Mozilla’s portable LLM runner, gets GPU support and a rebuilt core
Running a large language model on a single machine without cloud access or a container runtime remains a priority for practitioners working in air-gapped or …
Samba 4.24.0 ships Kerberos hardening and a CVE fix for domain encryption defaults
Samba 4.24.0 arrived carrying a set of Kerberos security changes aimed at Active Directory deployments. The release fixes a vulnerability, extends audit coverage for sensitive …
Betterleaks: Open-source secrets scanner
Secrets scanning has become standard practice across engineering organizations, and Gitleaks has been one of the most widely used tools in that space. The author of that …
Big tech companies step in to support the open source security ecosystem
Backed by new funding commitments from major technology players, open source security efforts are moving beyond threat identification toward practical solutions for defenders. …
VulHunt: Open-source vulnerability detection framework
Binarly has published VulHunt Community Edition, making the core scanning engine from Binarly’s commercial Transparency Platform available to independent researchers and …
Cloud-audit: Fast, open-source AWS security scanner
Running AWS security audits without a dedicated security team typically means choosing between enterprise platforms with per-check billing and generic open-source scanners …
Featured news
Resources
Don't miss
- Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197)
- Acrobat Reader zero-day exploited in the wild for many months
- AI agent intent is a starting point, not a security strategy
- Asqav: Open-source SDK for AI agent governance
- BlueHammer: Windows zero-day exploit leaked