Cybersecurity researchers from Wiz found a bug in ProjectDiscovery’s Nuclei in August 2024, after investigating the open source vulnerability scanner, which is designed to automate the detection ...

A widely popular open-source tool, Nuclei, used for scanning vulnerabilities and weaknesses in websites, cloud applications, and networks is found to have a high-severity flaw that could ...

Since open-source projects can rely on large numbers of dependencies, an accessible database can help developers quickly determine which ones introduced new liabilities. The OSV-Scanner introduces ...

The new scanner connects directly to the OSV database, which lets different open-source ecosystems and vulnerability databases publish information in a single format. The free tool is Google’s ...

Aqua Security, a pioneer in cloud native security and the primary maintainer of Aqua Trivy, is launching the Trivy Partner Connect Program, expanding the commercial ecosystem around Trivy, an open ...

Interest continues to build for creating a safer open source software ecosystem, in part because of the code vulnerability Log4Shell, which one recent report predicts will pose a risk for the next ...

Trellix is working to push code via GitHub pull request to protect open-source projects from the vulnerability. Trellix currently has patches available for 11,005 repositories ready for pull requests.