Stay informed with the latest insights in our Infostealers weekly report. Explore key findings, trends and data on info-stealing activities.

CLI tool for scanning cryptographic usage and generating quantum-vulnerability risk assessments

deception as a developer tool

This is an early alpha of Coalmine an opensource cloud canary management tool

Discover Kingfisher, MongoDB’s open-source tool for security and DevOps engineers to detect and validate exposed secrets in code and repositories.

PanicLock - Keep Touch ID for daily convenience, get instant password-only security when you need it. Your Mac's escape hatch for border crossings, protests, and high-risk situations.

RecoverIt uses penetration testing techniques to exploit service failure recovery functions to trigger the execution of malicious payloads.

Mitchell Hashimoto got tired of AI PR slop, so he built Vouch: a trust management system that could change how open source handles…

klint is a single-binary, one-shot Linux incident response scanner. Detect hidden kernel modules, rootkits, and compromised system state.

Open Security Architecture - Free, open security patterns and NIST 800-53 control mappings for enterprise security architects.

Roundcube's HTML sanitizer doesn't treat SVG feImage href as an image source. Attackers can bypass remote image blocking to track email opens. (CVE-2026-25916)

A discussion of the recent cyber attacks against a number of targets connected to Polands electric grid.

Deep technical analysis of bypassing eBPF-based security solutions through kernel-level hooks targeting BPF iterators, ringbuffers, and perf events

From LLM Fingerprinting to LLM Prompt Injection LLMs Are Deployed Faster Than They're Tested Introducing Augustus How It Works Buff Transformations 28 LLM Providers Quick Start What's Next Contributing & Community

Explore this post and more from the netsec community

Open Source HTTP/1.1 Compliance Platform An open testing platform that probes HTTP/1.1 servers against RFC 9110/9112 requirements, smuggling vectors, and malformed input handling. Add your framework, get compliance results automatically.

The Global Assembly Cache is a system-wide repository in the .NET framework that stores strong named (name + version + culture + public key token identity) assemblies so multiple applications can u…

BinaryAudit benchmarks AI agents using Ghidra to find backdoors in compiled binaries of real open-source servers, proxies, and network infrastructure.