Posted by JMarkG - 8 votes and 7 comments

Extension for Visual Studio Code - Security vulnerability scanner for dependencies. Checks CVEs from NVD/OSV databases and provides remediation steps. Supports npm, pip, Maven, Go, and more.

How Common Misconfigurations Could Lead to Massive Data Exposure

Introduction Earlier this year, I earned a $10,000 bounty from Microsoft after discovering a critical HTTP request smuggling vulnerability in ASP.NET Core’s Kestrel server (CVE-2025-55315). The vulnerability garnered significant media attention after Microsoft…

A look at how threat actors are abusing AppleScript .scpt files to deliver macOS malware, from fake documents to browser update lures, and how these noscripts ...

There’s an elegance to vulnerability research that feels almost poetic - the quiet dance between chaos and control. It’s the art of peeling back the layers of complexity, not to destroy but to understand; to trace the fragile threads that hold systems together…

The Security Gap GitHub Doesn’t Want to Talk About

Vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Triggering web requests with sanitized input

The Target A few months ago I realized I was overdue for a fun, quirky hardware project. Every so often I like to see what new and interesting electronic children's toys are out there. When looking, I keep in mind the potential attack surface, typically…

AI deception platform: Deceive, Detect, Respond. “You can’t defend. You can’t prevent. The only thing you can do is detect and respond.” Bruce Schneier. We turn that hard truth into your tactical advantage. Our AI-based decoys, built using our open-source…

The Internet is ablaze, and once again we all have a front-row seat - a bad person, if you can believe it, is doing a bad thing!

The first warning of such behaviour came from the great team at Defused:

As many are now aware, an unnamed (and potentially…

FaceSeek helps you verify photos, find people, and enhance online safety using ethical face search and advanced facial recognition.

Posted by Sufficient_Air5988 - 0 votes and 0 comments

Protect your Node.js projects from supply chain attacks. Scan npm packages for malware and vulnerabilities.

A report describing an a highly sophisticated AI-led cyberattack