Cyber-Threat-Intelligence für CISOs und Security-Teams — KI-gestützte Lageberichte, CVE-Analysen, MITRE ATT&CK Mapping und defensive Handlungsempfehlungen. 20+ Quellen, automatisch aufbereitet.
Copy Fail: What You Need to Know About the Most Severe Linux Threat in Years
kali-pentest — Kali Linux penetration testing skill for AI agents (Claude Code, OpenClaw, Hermes Agent). 200+ CLI tools, 15 scenario playbooks. Autonomously plans attack paths, selects tools, and integrates results across phases to adapt the penetration strategy — with human approval gates for high-risk actions.
CISA Adds One Known Exploited Vulnerability to Catalog
Threat Brief: Exploitation of PAN-OS Captive Portal Zero-Day for Unauthenticated Remote Code Execution
Hacking-Tools — A curated list of penetration testing and ethical hacking tools, organized by category. This compilation includes tools from Kali Linux and other notable sources.
Dark-Moon — Autonomous AI pentesting engine performing continuous offensive security across web, cloud, AD and Kubernetes. Uses agentic reasoning, real exploit execution and attack path analysis to deliver proof-based vulnerabilities.
| CVE | Severity | CVSS | EPSS | KEV | Score | |
|---|---|---|---|---|---|---|
| CVE-2026-31431 | HIGH | 7.8 | 4% | 8 | 82 | |
| CVE-2026-3517 | HIGH | 8.4 | 0% | — | 1 | 5 |
| CVE-2026-3518 | HIGH | 8.4 | 0% | — | 1 | 5 |
| CVE-2026-3519 | HIGH | 8.4 | 0% | — | 1 | 5 |
| CVE-2026-4048 | HIGH | 8.4 | 0% | — | 1 | 5 |
| CVE-2026-42167 | HIGH | 8.1 | 5% | — | 1 | 3 |
Fortinet has released security patches for two critical vulnerabilities in FortiSandbox and FortiAuthenticator that could enable attackers to run commands or arbitrary code. [...]
Arcjet JavaScript (JS) / TypeScript SDK. Stop bots and automated attacks from burning your AI budget, leaking data, or misusing tools with Arcjet's AI security building blocks. · Sprache: TypeScript · Topics: bun, developer-tools, javascript, javascript-library, nextjs, nodejs · ⭐ 663 Stars
Microsoft has released Windows 11 KB5089549 and KB5087420 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. [...]
Open-source AI agent red-team engine, SDK, and CLI. Run offline or against the Humanbound Platform. · Sprache: Python · Topics: adversarial-testing, agentic-ai, ai-agents, ai-red-teaming, ai-safety, ai-security · ⭐ 20 Stars
Today is Microsoft's May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed this month. [...]
Fresh security updates resolve critical flaws in Azure, Windows, Dynamics 365, and the SSO Plugin for Jira & Confluence. The post Microsoft Patches 137 Vulnerabilities appeared first on SecurityWeek.
a secure dotenv–from the creator of `dotenv` · Sprache: JavaScript · Topics: cli, configuration-file, curl, dotenv, dotenvx, end-to-end-encryption · ⭐ 5,434 Stars
Open-source CLI for AI coding agents. Give your coding agents access to services without exposing keys. · Sprache: Go · Topics: ai, ai-agents, audit-logging, cli, credential-management, developer-tools · ⭐ 189 Stars
⭐️ Luminar Neo Activator | Photo Editor v1.0 | Setup Installer 2026 | Patch Keygen Loader | License Key Mod | Pre-Activated Full Version | Latest Build for Windows 10/11 PC | Get Desktop Activation | Premium Serial Bypass | Unlock Pro Features | Genuine Original x64 ⭐️ · Topics: budget-calculator, cirrus, cover, lidar-point-cloud, linux-audit, luminar-free · ⭐ 11 Stars
Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data · Sprache: Go · Topics: abac, acl, authorization, ciam, cloud-native, database · ⭐ 6,701 Stars
FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time alerting and provides Audit daemon data. · Sprache: Rust · Topics: cybersecurity, events, file-integrity, file-integrity-monitoring, filemonitor, files · ⭐ 194 Stars
wolfSSL Intrusion Detection and Prevention System (IDPS) · Sprache: C · Topics: anti-bot, attack-prevention, ban-hosts, c-library, embedded, embedded-systems · ⭐ 51 Stars
Open-source endpoint detection engine for Windows and Linux using ETW, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts. · Sprache: Rust · Topics: blue-team, detection-engineering, ebpf, edr, endpoint-detection, endpoint-security · ⭐ 244 Stars
Mobile Edge-Dynamic Unified Security Analysis · Sprache: JavaScript · Topics: android, android-malware, dynamic-analysis, frida, frida-scripts, frida-snippets · ⭐ 2,257 Stars
Exaforce has raised a total of $200 million and plans on using the latest investment for product development and international expansion. The post Exaforce Raises $125 Million for Agentic SOC Platform appeared first on SecurityWeek.
Autonomous AI pentesting engine performing continuous offensive security across web, cloud, AD and Kubernetes. Uses agentic reasoning, real exploit execution and attack path analysis to deliver proof-based vulnerabilities. · Sprache: Python · Topics: ai-agents, ai-security-tool, autonomous-agents, cybersecurity, llm, multi-agent-systems · ⭐ 164 Stars
Škoda Auto, a wholly owned subsidiary of the Volkswagen Group, has disclosed a data breach after attackers hacked its online shop and stole the personal information of an undisclosed number of customers. [...]
Android 17, expected to roll out next month, will introduce several security and privacy features focused on device theft, threat detection, and banking scam calls. [...]
Open-source credential vault, give your AI agents access to services without exposing keys. · Sprache: TypeScript · Topics: ai-agents, cli, mcp, nanoclaw, nodejs, openclaw · ⭐ 2,138 Stars
While none of the flaws have been exploited in the wild, many of them could lead to arbitrary code execution. The post Adobe Patches 52 Vulnerabilities in 10 Products appeared first on SecurityWeek.
Exim has released security updates to address a severe security issue affecting certain configurations that could enable memory corruption and potential code execution. Exim is an open-source Mail Transfer Agent (MTA) designed for Unix-like systems to receive, route, and deliver email. The...
Mapping the information system / Cartographie du système d'information · Sprache: Blade · Topics: anssi, assets, assets-management, cartographie, cartography, cmdb · ⭐ 523 Stars
The open source taint analysis engine for the AI era. Formal inter-procedural taint analysis — finds what pattern matching engines miss, enacts what LLM agents discover as rules, scales where neither can alone. · Sprache: Kotlin · Topics: java, kotlin, sast, security, security-tools, seqra · ⭐ 41 Stars
The startup will invest in accelerating product development, hiring new talent, and expanding its customer base. The post White Circle Raises $11 Million for AI Control Platform appeared first on SecurityWeek.
A modular vulnerability scanner with automatic report generation capabilities. · Sprache: Python · Topics: artemis, pentesting, security, security-scanner, security-tools, vulnerability-detection · ⭐ 1,166 Stars
Justniffer Just A Network TCP Packet Sniffer. Justniffer is a network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate web server log files, track response times and extract all "intercepted" files from the HTTP traffic · Sprache: C · Topics: cli, cpp, cybersecurity, http, linux, network · ⭐ 228 Stars
An open source tool for detecting website blocks, downdetecting, and network analysis · Sprache: Python · Topics: ai-first, ai-friendly, arp, censorship, cli, dns · ⭐ 22 Stars
RubyGems, the standard package manager for the Ruby programming language, has temporarily paused account sign ups following what has been described as a "major malicious attack." "We're dealing with a major malicious attack on Ruby Gems right now," Maciej Mensfeld, senior product manager for...
Dradis Framework: Collaboration and reporting for IT Security teams · Sprache: Ruby · Topics: collaboration, dradis, dradis-framework, infosec, penetration-testing, pentesting · ⭐ 803 Stars
Threat actors obtained names and contact information for an unspecified number of BWH Hotels guests. The post BWH Hotels Says Hackers Had Access to Reservation Data for 6 Months appeared first on SecurityWeek.