The open source Metasploit framework is often the place where security vulnerabilities become usable enabling security researchers to test out exploits and fix flaws. Until recently, Metasploit was typically used only as a standalone community project, but that's no longer the case.

Hacking into systems (albeit for testing purposes) is apparently getting easier with the upcoming open source Metasploit 3.2 framework, according to its creator.

The future of Metasploit, the highly respected, open source penetration testing framework founded by renowned security expert H.D. Moore, was plunged into doubt last month following the announcement that the project had been acquired by Rapid7.

The open source Metasploit penetration testing framework has been acquired by a firm called Rapid7.

metasploit 3.1 review of the new msfgui3 and why distcc over a public network or wireless is not good (improperly configured allows remote command execution) -- with video -- and with recommendations on securing distcc

Keep in mind: much of what I mention the below is done on purpose by design by the Gnome project, and aren’t necessarily bugs per se.

Isecur1ty team have announced the first version of iScanner 0.1. iScanner is a free, open source, tool that lets you detect and remove malicious codes and web pages viruses from your Linux/Unix server easily and automatically.

Pentoo Linux is a Gentoo-based Linux distribution that runs as a Live CD or Live USB. Pentoo has been designed to provide a penetration testing and security assessment solution through the use of Nessus and Metasploit. Pentoo uses the Enlightenment window manager, is optimized for Pentium III architecture, and supports package modularity like Slax.

It has just become apparent that, on June 16, attackers hacked into the web server of the SquirrelMail open source project. The operators have suspended all accounts and reset all crucial passwords.