Help Net Security newsletters: Daily and weekly news, cybersecurity jobs, open source projects, breaking news – subscribe here!

Please turn on your JavaScript for this page to function normally.
SpyCast
SpyCast: Cross-platform mDNS enumeration tool

SpyCast is a cross-platform mDNS enumeration tool that can work either in active mode by recursively querying services or in passive mode by only listening to multicast …

bomb
The holy trifecta for developing a secure API

It’s hard to write good API specifications, and since most API gateways use them as IAC, they should be carefully checked for common mistakes. Writing an API that sticks …

Wolfi Linux
Wolfi Linux provides the control needed to fix modern supply chain threats

There’s been a massive push for supply chain security in the last few years: integrity protection, vulnerability management, and transparency. This push has left …

open source
Open source projects under attack, with enterprises as the ultimate targets

Sonatype has found a massive year-over-year increase in cyberattacks aimed at open source projects. According to early data from Sonatype’s 8th annual State of the …

Fuzz CLI
CI Fuzz CLI: Open-source tool simplifies fuzz testing for C++

Fuzz testing helps developers protect their applications against memory corruptions, crashes that cause downtime, and other security issues, including DoS and uncaught …

Wolfi Linux
Wolfi: A Linux undistro with security measures for the software supply chain

Wolfi is a new community Linux undistribution that combines the best aspects of existing container base images with default security measures that will include software …

Python
Python tarfile vulnerability affects 350,000 open-source projects (CVE-2007-4559)

Trellix Advanced Research Center published its research into CVE-2007-4559, a vulnerability estimated to be present in over 350,000 open-source projects and prevalent in …

linux security courses
3 free Linux security training courses you can take right now

Linux Server Management and Security University of Colorado / Instructor: Greg Williams, Lecturer This course dives into how Linux works from an enterprise perspective: In …

open source security
Open-source software usage slowing down for fear of vulnerabilities, exposures, or risks

Anaconda released its annual 2022 State of Data Science report, revealing the widespread trends, opportunities, and perceived blockers facing the data science, machine …

Harbor
High severity vulnerabilities found in Harbor open-source artifact registry

Oxeye security researchers have uncovered several new high severity variants of the IDOR (Insecure Director Object Reference) vulnerabilities (CVE-2022-31671, CVE-2022-31666, …

Government guide for supply chain security: The good, the bad and the ugly

Just as developers and security teams were getting ready to take a breather and fire up the BBQ for the holiday weekend, the U.S.’s most prestigious security agencies (NSA, …

nmap
Nmap 7.93, the 25th anniversary edition, has been released

Nmap is a widely used free and open-source network scanner. It’s used for network inventorying, port scanning, managing service upgrade schedules, monitoring host or …

Don't miss

Cybersecurity news
Daily newsletter sent Monday-Friday
Weekly newsletter sent on Mondays
Editor's choice newsletter sent twice a month
Periodical newsletter released when there is breaking news
Weekly newsletter listing new cybersecurity job positions
Monthly newsletter focusing on open source cybersecurity tools