software
Service disruptions continue to blindside businesses
Service disruptions remain a critical concern for IT and business executives, with 88% of respondents saying they believe another major incident will occur in the next 12 …
Evilginx: Open-source man-in-the-middle attack framework
Evilginx is an open-source man-in-the-middle attack framework designed to phish login credentials and session cookies, enabling attackers to bypass 2FA safeguards. “Back …
What open source means for cybersecurity
With outdated and inadequately maintained components, along with insecure dependencies, the open-source ecosystem presents numerous risks that could expose organizations to …
Vanir: Open-source security patch validation for Android
Google’s open-source tool Vanir enables Android developers to quickly scan custom platform code for missing or applicable security patches. By automating patch …
Trapster Community: Open-source, low-interaction honeypot
Trapster Community is an open-source, lightweight, low-interaction honeypot designed for deployment within internal networks. It enhances network security by creating a …
FuzzyAI: Open-source tool for automated LLM fuzzing
FuzzyAI is an open-source framework that helps organizations identify and address AI model vulnerabilities in cloud-hosted and in-house AI models, like guardrail bypassing and …
Tackling software vulnerabilities with smarter developer strategies
In this Help Net Security interview, Karl Mattson, CISO at Endor Labs, discusses strategies for enhancing secure software development. Mattson covers how developers can …
Keycloak: Open-source identity and access management
Keycloak is an open-source project for identity and access management (IAM). It provides user federation, strong authentication, user management, authorization, and more. …
Open source malware up 200% since 2023
Sonatype’s 2024 Open Source Malware Threat Report reveals that the number of malicious packages has surpassed 778,500 since tracking began in 2019. In 2024, researchers …
Containers have 600+ vulnerabilities on average
Containers are the fastest growing – and weakest cybersecurity link – in software supply chains, according to NetRise. Companies are struggling to get container …
21 years since its inception, GNU Shepherd 1.0.0 is released
GNU Shepherd is a service manager designed to oversee the system’s daemons. It functions both as an “init” system (PID 1) and as a tool for unprivileged …
Neosync: Open-source data anonymization, synthetic data orchestration
Neosync is an open-source, developer-centric solution designed to anonymize PII, generate synthetic data, and synchronize environments for improved testing and debugging. What …