The Hacker News

Open VSX Bug Let Malicious VS Code Extensions Bypass Pre-Publish Security Checks

Open VSX bug misread scanner failures as clean results, letting malicious VS Code extensions go live before patch in v0.32.0.
TechSpot

Google introduces vulnerability scanner for open-source projects

In brief: Open-source development projects often must rely on many external dependencies, saving developers the work of building new functionality from scratch. Google's new tool is the latest part of ...
Bleeping Computer

Betterleaks, a new open-source secrets scanner to replace Gitleaks

A new open-source tool called Betterleaks can scan directories, files, and git repositories and identify valid secrets using default or customized rules. Secret scanners are specialized utilities that ...
ZDNet

Google open-sources Tsunami vulnerability scanner

Google has open-sourced a vulnerability scanner for large-scale enterprise networks consisting of thousands or even millions of internet-connected systems. Named Tsunami, the scanner has been used ...