ASSIGNED (dcbugzillaresponse) in CA Program - CA Certificate Compliance. Last updated 2026-05-04.

100% free online tools: Website Security Scanner, Speed Test, URL Shortener (ShrinkIt), Database Converter, QR Code Generator, Encryption & more.

Cyera's research team discovered a critical memory-leak vulnerability in Ollama, the world's most popular platform for running large language models (LLMs) locally.

pyghidra-mcp v0.2.0 ships a GUI-backed mode that lets a local LLM drive a live Ghidra CodeBrowser at full project scope. Renames, plate comments, and cross-binary pivots land in real time, with every edit tagged in Ghidra’s undo history while the session…

A growing list of named vulnerabilities, attack techniques and exploits.

Golang maps have some randomness in them. Why? To make developers not rely on the ordering and prevent hash collision DoS attacks. Read this article to learn more about the design and consequences of this.

Quacc++ combines grep.app's massive repo search with Semgrep's static analysis to automate vulnerability hunting across all public GitHub code. Built for security researchers.

Mindgard Research found persistent trust flaws in AI coding agents that can let changed project configs execute without re-approval.

Découvrez le contournement BitLocker et la réalité des downgrade attacks face à la vulnérabilité CVE-2025-48804.

Learn how AISLE discovered a command injection to root RCE vulnerability in FreeBSD.

Honey tokens are fake credentials that alert you of breaches when attackers use them.

This document describes the Dirty Frag vulnerability class, first discovered and reported by Hyunwoo Kim (@v4bel), which can obtain root privileges on.

Hyunwoo Kim has announced the Dirty Frag security flaw, a local-privilege-escalation (LPE) vuln [...]

ShinyHunters breached Canvas — the LMS used by 41% of North American universities. Harvard, Penn, Duke, K-12 schools. Private messages, grades, student records. May 12 ransom deadline. Full breakdown at Hitechies.

A case study of how Cilium secures its CI/CD pipeline end to end: SHA-pinned actions, two-phase checkouts for pull_request_target, Re...

Existing benchmarks for LLM-based vulnerability detection compress model performance into a single metric, which fails to reflect the distinct priorities of different stakeholders. For example, a...