* [Nuclei Templates v10.4.0](https://github.com/projectdiscovery/nuclei-templates) – Community curated templates for the nuclei engine to identify security vulnerabilities in applications.

* [rate-limiter-flexible v10.0.0](https://github.com/animir/node-rate-limiter-flexible) – Counts and limits actions by key to protect against DDoS and brute force attacks.

* [Password Pusher v2.0.0](https://github.com/pglombardo/PasswordPusher) – Securely share sensitive information with automatic expiration and deletion after a set number of views or duration.

* [cnspec v13.1.0](https://github.com/mondoohq/cnspec) – Cloud-native policy-as-code engine that scans infrastructure, containers, Kubernetes, cloud services, and code for vulnerabilities and misconfigurations.

* [Skylos v4.0.0](https://github.com/duriantaco/skylos) – Privacy-first hybrid static-analysis tool for Python, TypeScript, and Go that detects dead code, secrets, and security vulnerabilities.

* [OpenFGA v1.12.0](https://github.com/openfga/openfga) – High-performance authorization engine for modeling and enforcing fine-grained access control inspired by Google Zanzibar.

* [Crust v4.0.0](https://github.com/BakeLens/crust) – Local transparent gateway that intercepts agent tool calls and blocks dangerous operations before execution.

* [SOPS v3.12.2](https://github.com/getsops/sops) – Editor for encrypted files supporting multiple formats and encryption methods.

* [Infisical v0.158.16](https://github.com/Infisical/infisical) – Secret management platform for syncing secrets and configurations across teams and infrastructure while preventing leaks.

* [GoBetterAuth v2.12.0](https://github.com/GoBetterAuth/go-better-auth) – Scalable authentication for Go apps or standalone servers offering email/password auth, sessions, OAuth, and extensible hooks.

* [MQL v13.1.0](https://github.com/mondoohq/mql) – Cloud-native graph-based query language for querying and discovering infrastructure assets across clouds, containers, and services.

* [react-native-sandbox v0.5.0](https://github.com/callstackincubator/react-native-sandbox) – Library for running multiple isolated React Native instances within a single application with safe communication.

* [Kubescape v4.0.3](https://github.com/kubescape/kubescape) – Comprehensive security platform for managing and securing Kubernetes environments throughout the development and deployment lifecycle.

* [CoWork OS v0.5.0](https://github.com/CoWork-OS/CoWork-OS) – Security-first personal AI assistant runtime providing multi-provider model access and multi-channel messaging integrations with local-first data control.

* [supautils v3.2.0](https://github.com/supabase/supautils) – Extension that secures PostgreSQL in cloud environments by managing privileges without requiring superuser access.

* [PwnDoc v1.4.2](https://github.com/pwndoc/pwndoc) – Pentest reporting application for writing findings and generating customizable DOCX reports.

* [hoop.dev 1.51.2](https://github.com/hoophq/hoop) – Proxy that secures and simplifies access to infrastructure with outbound-only connections and integrated SSO.

* [Wazuh Dashboard Plugins v4.14.4](https://github.com/wazuh/wazuh-dashboard-plugins) – Collection of plugins that extend the Wazuh dashboard with UI panels for security events, integrity, vulnerability, and compliance monitoring.

* [OpenZiti SDK for NodeJS 0.29.0](https://github.com/openziti/ziti-sdk-nodejs) – SDK enabling zero-trust networking for Node.js applications and web servers.

* [Data security Stack for TypeScript @cipherstash/stack-f...](https://github.com/cipherstash/stack) – End-to-end field-level encryption for TypeScript apps with zero-knowledge key management and searchable encrypted queries.

* [js-x-ray @nodesecure/js-x-ray...](https://github.com/NodeSecure/js-x-ray) – JavaScript AST analysis tool for identifying potentially malicious code patterns.

* [Go-TPM tools v0.4.8](https://github.com/google/go-tpm-tools) – High-level Go packages providing APIs for interacting with TPM 2.0 devices.

* [MCPProxy v0.21.2](https://github.com/smart-mcp-proxy/mcpproxy-go) – Desktop proxy enabling scalable tool discovery, major token savings, and quarantine of malicious upstream servers for AI agents.

* [step-ca v0.30.0-rc6](https://github.com/smallstep/certificates) – Private certificate authority for secure, automated certificate management in DevOps environments.

* [Step CLI v0.30.0-rc4](https://github.com/smallstep/cli) – Easy-to-use CLI for building, operating, and automating PKI systems and common X.509, JWT, and crypto workflows.

* [Reconmap 3.0.2-beta](https://github.com/reconmap/reconmap) – Collaboration-first platform for planning, automating, executing, and reporting vulnerability assessments and penetration tests.

* [SandboxJS v0.8.34](https://github.com/nyariv/SandboxJS) – Safe JavaScript execution runtime that parses and runs code in a whitelisted, prototype-aware sandbox.

* [Tracecat 1.0.0-beta.34](https://github.com/TracecatHQ/tracecat) – Modern automation platform for security and IT engineers with YAML templates, no-code workflows, lookup tables, and case management.

* [Yaklang 1.4.6-beta1](https://github.com/yaklang/yaklang) – Cybersecurity-focused domain-specific programming language with a dedicated virtual machine and IDE support.