Click any tag below to further narrow down your results
Links
NVIDIA has released a suite of open-source AI technologies across language, robotics, and healthcare. These tools, part of the Nemotron, Cosmos, Isaac GR00T, and Clara families, aim to enhance AI accessibility and foster innovation. They are being contributed to Hugging Face, allowing developers to leverage cutting-edge resources for specialized applications.
Dillo is a lightweight web browser focused on speed and user privacy, built using the FLTK 1.3 GUI toolkit. The repository includes the original code with minor updates, and development is open to contributions. Note that the official website is no longer under the control of its developers as of December 2023.
Anthropic has partnered with the Python Software Foundation, providing $1.5 million to improve security in the Python ecosystem. This funding aims to protect users from supply-chain attacks and may benefit other open-source projects as well.
This GitHub repository offers a comprehensive checklist for securing your digital life. It includes a website for easy navigation, a raw data file for modifications, and an API for accessing checklist data. Users can clone the repo, run it locally, or deploy it on various platforms.
Homarr is an open-source project that offers a customizable dashboard for managing self-hosted applications. It features user management, real-time updates, and strong data encryption, making it suitable for various hardware and operating systems. The project is maintained by volunteers and encourages community contributions.
The libxml2 library recently lost its sole maintainer, Nick Wellnhofer, raising concerns about its future, especially in light of potential security vulnerabilities. Despite the voluntary nature of the work, the heavy demands and lack of support led to Wellnhofer's burnout. Thankfully, two new developers have stepped in, but the situation underscores ongoing challenges in maintaining open-source projects.
Griddy Icons offers a collection of 1,135 icons with a utilitarian design. Created by Filip Gres and developed by Zuzana Benova, the icons are available under the MIT license and include various design assets for use in projects. They are designed for a 24 x 24px size and can be utilized in React applications.
Infisical is an open-source tool for managing secrets and application configurations. It allows teams to sync secrets across various platforms, maintain version control, and prevent leaks. The platform also supports features like secret rotation, dynamic secrets, and integration with Kubernetes.
Yaklang is a domain-specific programming language designed for cybersecurity tasks. It includes a dedicated virtual machine and tools for vulnerability analysis, security product development, and general-purpose programming. Its modular architecture allows users to create and automate security workflows efficiently.
PINA is an open-source Python library that streamlines Scientific Machine Learning (SciML) development using PyTorch. It organizes workflows into four stages—problem definition, model design, solver selection, and training—allowing researchers to efficiently model and simulate complex systems. Its modular design supports a variety of data types and integration with existing PyTorch tools.
SyncKit is a sync engine designed for local-first collaborative applications. It offers features like real-time editing, presence indicators, and automatic conflict resolution, all while functioning offline. The implementation is straightforward, requiring minimal code to integrate.
This article introduces a platform that helps users explore and learn from open-source projects using AI-generated learning paths. The system analyzes codebases to create structured guides tailored to different learning styles. Users can search for projects or request new ones, and they receive updates on the latest trends in AI development.
This article introduces Tool UI, a set of UI components specifically designed for AI applications. The components are JSON-native, typed, and accessible, making them easy to copy and paste into projects. They are built on popular frameworks like Tailwind and Radix, and the project is open source.
Xint Code is a new tool that automates the analysis of source code and binaries to find critical security vulnerabilities without human intervention. It recently identified major RCE bugs in popular databases, outperforming human teams at the ZeroDay Cloud competition. The tool aims to enhance security in open-source projects through responsible deployment.
FLUX.2 is a new image generation and editing model that excels in creating high-quality images while maintaining consistency across multiple references. It supports detailed typography and complex prompts, making it suitable for various creative workflows. The model emphasizes open innovation, offering different versions for developers and teams.
The article discusses various open problems in machine learning inspired by a graduate class. It critiques current methodologies, emphasizing the need for a design-based perspective, better evaluation methods, and innovations in large language models. The author encourages researchers to explore these under-addressed areas.
Fanfa.dev is an open-source tool that animates Mermaid.js diagrams, turning static visuals into engaging animations. It offers features like live animation, customizable themes, and video export options for presentations and documentation. Users can input Mermaid code, customize visuals, and easily share or export their work.
Gixy-Next is an open-source tool that scans NGINX configuration files for security misconfigurations and performance issues. It improves on the original Gixy by adding support for modern systems and enhancing detection capabilities. Users can run it locally or in a browser.
This article highlights three software tools—Blender, OBS, and Penpot—that prioritize user needs over profit. The author argues that these examples show it’s possible to create technology that values openness and community rather than succumbing to ad-driven models.
LUMEN is a tool for analyzing Windows Event Logs directly on your computer. It allows you to upload and analyze EVTX files, run SIGMA detections, and extract indicators of compromise, all without sending data online. The application supports multi-file uploads and offers features for guided investigations and custom rule management.
MCP CLI is a command-line tool that streamlines interactions with Model Context Protocol (MCP) servers by enabling dynamic context discovery. This reduces token usage significantly, allowing AI agents to access only the necessary tool information as needed, rather than loading everything upfront. It's designed for developers building AI coding agents and integrates easily with existing workflows.
This article compares OpenCode and Claude Code, focusing on their flexibility and performance. Claude Code offers a polished experience tightly integrated with Anthropic's ecosystem, while OpenCode provides more freedom to use various models but may come with some bugs. The evaluation includes a series of coding tasks to highlight each tool's strengths and weaknesses.
SentryPeer is a tool designed to detect and manage fraudulent phone call attempts. It collects data on suspicious calls and provides a way for users to own and share that data with others in a peer-to-peer network. Users can monitor and receive alerts about potential fraud, helping to prevent costly incidents.
This article discusses AgentField, a backend infrastructure designed for autonomous AI agents that go beyond simple chatbots. It highlights features like durable state, cryptographic identities, and asynchronous execution, enabling agents to make decisions and interact seamlessly. The focus is on creating a robust framework for production-ready AI applications.
NetBird offers a straightforward solution for secure remote access, allowing teams to connect to resources quickly without complex setups. It supports various platforms and can be self-hosted, giving users flexibility and control over their infrastructure.
This article explains Slonk, a system developed at Character.ai that combines SLURM and Kubernetes to manage GPU research clusters effectively. It addresses the challenges of providing a reliable scheduling environment for researchers while maintaining the operational benefits of Kubernetes. The open-source snapshot offers tools and configurations for others to implement similar systems.
Docker Hardened Images (DHI) provide developers with secure, minimal container images that are easy to adopt without workflow disruptions. They feature near-zero vulnerabilities, verifiable software bills of materials (SBOMs), and offer extended support for long-lived workloads. This solution is open-source under the Apache 2.0 license.
Deepnote is an open-source platform for data professionals that builds on Jupyter's legacy. It offers a user-friendly YAML format, block-based architecture, and native AI features, allowing seamless collaboration and integration with various tools. You can run projects locally or in the cloud, making it versatile for both individual and team workflows.
RAPTOR is an open-source security research framework that automates code scanning, fuzzing, and vulnerability analysis. It integrates various tools for offensive and defensive security tasks, including evidence collection for GitHub repositories. The framework aims to enhance security research through agentic workflows and community contributions.
The article reviews the results of the ARC Prize 2025, highlighting the top scoring teams and papers. It discusses advancements in AI reasoning, particularly the concept of refinement loops, which enhance program optimization and performance in solving ARC-AGI tasks.
Ghostty is now a non-profit, sponsored by Hack Club, allowing it to operate as a charitable initiative. This structure provides financial transparency, legal protections, and opens up avenues for funding while maintaining its open-source nature.
React Bits offers a collection of customizable animated components designed for React projects. It's open source and continually expanding, making it a valuable resource for developers looking to enhance their web applications.
Okara offers a private AI chat service that uses over 20 open-source models while ensuring user data remains secure and encrypted. It allows seamless switching between models without losing context, making it ideal for professionals who prioritize privacy in their work.
The article examines the competitive landscape of open-source and proprietary AI models, highlighting that proprietary providers maintain pricing power despite cheaper alternatives. Open-source models have stabilized at about 22-25% market share, while programming use cases dominate among leading providers. Retention rates vary significantly, with some models showing stronger user engagement than others.
BunkerWeb is an open-source web application firewall built on NGINX that offers easy integration with various environments like Linux and Docker. It features a user-friendly interface and a plugin system for customization, providing essential security measures out of the box. Users can choose between an open-source version and a PRO version with enhanced features.
This article details the 18-month development journey of the project management application Fizzy, highlighting key commits and name changes along the way. It captures the iterative process of design and coding, including major contributions from David Heinemeier Hansson and the philosophical shifts in the codebase.
The Linux Foundation has formed the Agentic AI Foundation (AAIF) to promote open-source AI projects. This initiative includes contributions from Anthropic, Block, and OpenAI, focusing on standards like the Model Context Protocol (MCP) and tools for developing autonomous AI agents. The foundation aims to foster collaboration and transparency in the AI ecosystem.
Bitdefender Labs found that 17% of the OpenClaw AI skills examined in February 2026 are malicious. These skills, masquerading as useful tools, are used to steal crypto keys and install malware on macOS, with one user linked to 199 harmful scripts.
Google has launched A2UI, an open-source project that allows AI agents to create interactive user interfaces for applications. Instead of sending executable code, agents describe UI components in a structured format, which host apps then render natively. This approach enhances security and design consistency across platforms.
Elon Musk announced that the social media platform X will release its algorithm to the public within a week. This includes the code that determines how posts and ads are recommended, with updates planned every four weeks to explain changes.
Garage is an open-source distributed object storage service designed for self-hosting. It ensures data redundancy by replicating chunks across multiple zones and can run on various hardware with minimal requirements. The software is compatible with the Amazon S3 API, making it easy to integrate with existing applications.
This article introduces "The Concise TypeScript Book," which covers TypeScript's features and best practices for developers at any level. It emphasizes the importance of strong typing and provides practical examples to enhance coding skills. The book is free and open source, supporting various languages and offering downloadable formats.
The article discusses a recent dispute between David Heinemeier Hansson and Matt Mullenweg over the meaning of "open source" after Hansson labeled his new kanban tool, Fizzy, as open source despite its restrictive license. It emphasizes the importance of a clear definition and the ongoing challenge of sustainability in open source projects.
This article introduces Lucide Animated, a library of animated icons available under the MIT License. Created by Dmytro as a project to practice animation skills, it offers a wide range of icons for various applications. Users can freely use and contribute to the collection.
Layrr is an open-source tool that allows developers to design interfaces visually while editing their actual code in real-time. It integrates with any tech stack, enabling drag-and-drop design similar to Figma or Framer. Layrr is free to use, with no subscriptions or vendor lock-in.
Augustus is a new security testing tool designed to identify vulnerabilities in large language models (LLMs), focusing on prompt injection and other attack vectors. Built in Go, it offers faster execution and lower memory usage compared to its Python-based predecessors. With over 210 vulnerability probes, it helps operators assess the security of various LLM providers efficiently.
Pydantic AI Gateway (PAIG) streamlines the management of API keys and rate limits for large language models (LLMs). It allows direct requests to providers like OpenAI and Anthropic without delays, offering observability and cost control features. The gateway is open-source, but some components are closed-source and part of a managed service.
This article analyzes the developments in China's open-source AI ecosystem since the "DeepSeek Moment" in early 2025. It highlights the strategic shifts of major companies like Alibaba, Tencent, and ByteDance, as well as the broader collaborative efforts that have emerged, shaping the future of AI in the country.
This article provides a detailed analysis of GitHub's service uptime over the past 90 days, using archived status updates to reconstruct the data. It offers insights into downtime incidents and how they affect different components of the platform. The project is open source and encourages community contributions.
Malcontent is a tool designed to detect supply-chain malware using context analysis and differential methods. It supports various file formats and programming languages, analyzing Linux programs primarily, but also works with macOS and Windows. It features three modes: analyze, diff, and scan, allowing for in-depth examination of program capabilities and risks.
GitHub is responding to the influx of low-quality AI-generated pull requests that burden maintainers. Product manager Camilla Moraes initiated a community discussion on potential solutions, including options to disable pull requests or improve review processes to address the challenges posed by AI contributions.
This article discusses a collection of 8-bit styled game components that can be integrated with popular frameworks. It highlights features like game progress tracking, player statistics, and various character classes. The platform is open source, allowing for community contributions and customization.
The article details the creation of the Desktop Application Security Verification Standard (DASVS), designed to address the unique security challenges of desktop applications across different operating systems. It outlines the framework's structured requirements, verification levels, and security domains to better protect desktop applications from threats.
This article discusses x402scan, a new tool for tracking usage metrics, popular resources, and facilitator activity within the x402 ecosystem. It aims to enhance discoverability by allowing users to register new resources, leveraging the @CoinbaseDev SQL API for analytics. The project is open source and invites contributors.
The article explains how to continue coding with Claude when you reach your usage limits by connecting to local open-source models. It provides step-by-step methods for using LM Studio and directly connecting to llama.cpp. The author recommends specific models and offers tips for managing performance expectations.
nDPI is a library for deep packet inspection, allowing developers to analyze network traffic and identify protocols. The article covers installation instructions, prerequisites for various operating systems, and guidelines for adding new protocols. It emphasizes the importance of respecting user privacy during traffic inspection.
Resemble AI offers a platform for generating realistic voice outputs and detecting deepfakes, used by Fortune 500 companies and government agencies. Their tools include Chatterbox for voice cloning and DETECT-3B Omni for identifying manipulated media. The service emphasizes security, allowing for on-premises deployment to keep data private.
Bidicalc allows users to change output values in formulas, updating the inputs automatically. It supports complex calculations and offers a unique backward-solving feature, unlike traditional spreadsheets. The tool is open-source, and the author welcomes feedback for future improvements.
Squirreling is a lightweight SQL engine designed for web browsers, enabling users to query large datasets directly in the browser without a backend. It uses async execution and late materialization to provide fast, interactive data exploration. Open-sourced and compact, it runs entirely client-side with minimal dependencies.
Kubernetes v1.35 introduces 60 enhancements, including significant features like in-place Pod resource updates and native workload identity with automated certificate rotation. The release also features new stable, beta, and alpha functionalities, along with some deprecations. Community contributions continue to drive the project's growth and improvement.
This article explains how the integration of Falco and Stratoshark improves runtime security by automating forensic data collection when alerts are triggered. It highlights advancements that allow teams to quickly investigate suspicious activity without relying on multiple tools or external logging pipelines.
GLM-Image is an open-source model that combines auto-regressive and diffusion techniques for high-quality image generation. It excels in generating detailed images from text prompts and supports various image editing tasks. The model uses a semantic-VQ tokenization strategy to enhance semantic understanding and visual fidelity.
The article argues that using dependency cooldowns can significantly reduce the risk of open source supply chain attacks. By waiting a set period after a dependency is published before using it, developers can avoid most threats while vendors monitor for issues. The author emphasizes that this approach is simple and free to implement.
Pipenet is an open-source tool that allows you to expose local services to the internet or integrate tunneling into your applications. You can run a public server or deploy your own for greater control over security and availability. It supports both HTTP and WebSocket protocols, making it versatile for various use cases.
Google has launched Magika 1.0, an AI-powered file type detection tool that now supports over 200 file types, up from about 100. The new version features a Rust-based engine for improved performance and accuracy, with better detection for specialized file formats and a native command-line client.
Pinterest's CEO Bill Ready discussed the benefits of open source AI models during an earnings call, highlighting their potential to reduce costs while enhancing visual AI features. Despite concerns over a weaker holiday season, the company plans to leverage these models for various applications, including personalized recommendations and product discovery.
The article discusses how the rise of AI tools like LLMs is diminishing the need for small open source libraries, such as blob-util. The author reflects on the loss of educational value in coding as instant solutions replace the learning process. While acknowledging the challenges, they express hope for more innovative open source projects that can't be easily replicated by AI.
GLM-OCR is a multimodal optical character recognition (OCR) model designed for complex document understanding. Built on the GLM-V architecture, it features a robust two-stage pipeline for layout analysis and recognition, achieving high accuracy in varied real-world scenarios. The model is open-sourced and comes with an easy-to-use SDK for integration.
Mux is a tool for developers that allows them to manage tasks with multiple AI agents. It integrates with VS Code, offers isolated workspaces, and supports rich markdown outputs. The application is open-source and available for macOS and Linux.
Omnilingual ASR is a speech recognition system that supports over 1,600 languages, including many that lack previous ASR technology. It allows users to add new languages with minimal examples and no special skills. The system is designed for accessibility and includes various model options for different use cases.
INTELLECT-3 is a Mixture-of-Experts model with over 100 billion parameters, trained using a custom reinforcement learning framework. It outperforms larger models across various benchmarks in math, code, and reasoning. The training infrastructure and datasets are open-sourced for public use and research.
GitHub is tackling the issue of low-quality contributions in open source projects, which have become a burden for maintainers. The proposed solutions include improved pull request permissions, the ability to delete PRs from the interface, and enhanced tools for evaluating contributions, especially those involving AI.
Cedar, an open-source authorization policy language developed by AWS, has joined the CNCF as a Sandbox project. It allows developers to manage permissions separately from application logic, supporting various authorization models with a focus on security through formal verification. Cedar is designed for high performance in application-level authorization, differentiating it from general-purpose tools like Open Policy Agent.
The Linux Foundation has launched the Agentic AI Foundation, which includes key projects like Anthropic’s MCP and OpenAI’s AGENTS.md. Docker has joined as a Gold member to support the development of interoperable tools and standards in the AI space.
Meta has launched Ax 1.0, an open-source platform that uses machine learning to streamline complex experimentation. It employs Bayesian optimization to help researchers efficiently identify optimal configurations across various applications, from AI model tuning to infrastructure optimization.
Metis is an open-source tool developed by Arm to enhance security code reviews using AI. It leverages large language models for semantic understanding, making it effective in identifying vulnerabilities in complex codebases. The tool is extensible and supports multiple programming languages.
This article dives into Dependabot's inner workings, highlighting its stateless Ruby core and how it interacts with GitHub's proprietary infrastructure. It discusses the complexities of its various package ecosystem implementations and suggests potential improvements with event-driven updates instead of the current polling model.
Syzkaller is an unsupervised, coverage-guided fuzzer designed primarily for kernel testing. Initially focused on the Linux kernel, it now supports various operating systems like FreeBSD and Windows. The documentation includes installation instructions, usage guidelines, and contributions.
Anthropic is donating the Model Context Protocol (MCP) to the Agentic AI Foundation, which is part of the Linux Foundation. This move aims to promote the open-source development of agentic AI technologies and maintain MCP as a neutral standard in the ecosystem. The donation will support ongoing community-driven governance and collaboration.
This article argues that vertical integration is essential for improving developer productivity by creating seamless workflows across tools. It discusses the challenges faced by both open-source and industrial users in achieving this integration and explores the potential for integrated development environments as a product.
STARFlow and STARFlow-V are open-source models designed for generating high-quality images and videos from text prompts. They combine autoregressive models with normalizing flows to achieve impressive results in both text-to-image and text-to-video tasks. Users can easily set up the models and start generating content with provided scripts and configurations.
Cline-bench aims to create accurate benchmarks for evaluating AI models on real software development tasks. It focuses on capturing complex, real-world engineering challenges rather than simplified coding puzzles. Open source contributions will help shape these benchmarks and improve AI coding capabilities.
This article discusses the performance benchmarks of Diskless Kafka (KIP-1150), showcasing significant cost savings and low latency achieved using just six m8g.4xlarge machines. It emphasizes the importance of realistic and open-source testing to validate the effectiveness of Diskless topics in Apache Kafka deployments.
This article outlines a framework for founders considering open-source for their products. It emphasizes understanding user and contributor personas, the importance of problem maturity, and the strategic advantages that open-source can offer, while also warning of potential pitfalls.
Aura Inspector is a tool for testing Salesforce Experience Cloud applications. It helps identify misconfigurations, automate testing, and discover accessible records in both guest and authenticated contexts. You can run it in various modes, including unauthenticated and authenticated scenarios.
Reko is a free decompiler for machine code binaries that supports various processor architectures and executable formats. It offers multiple front ends, including command-line and GUI versions, and requires the .NET 6.0 SDK for compilation. Users must ensure they have legal rights to decompile any binaries they work with.
This article details a mentorship experience focused on enhancing the performance of the Kyverno CLI by identifying and addressing key bottlenecks. The author implemented solutions that reduced execution time for policy application from 15 minutes to just 1-2 seconds for large clusters. Insights into open source contribution and community support are also shared.
OpenWorkers is an open-source runtime that allows you to run JavaScript using Cloudflare Workers' programming model on your own servers. It supports various features like KV storage, PostgreSQL, and S3-compatible storage, all while using V8 isolates for sandboxing. The setup is straightforward, requiring only a PostgreSQL database and a Docker Compose file.
DiaSymbolView allows you to view and analyze debug information from .pdb files. It uses the MSDIA API to display a detailed hierarchy of debug symbols along with their numerous properties. You can download pre-built binaries or compile it from source using provided instructions.
This article introduces TanStack AI, an open-source SDK that integrates various AI providers like OpenAI and Google Gemini without vendor lock-in. It offers a unified interface, automatic type inference, and support for multiple programming environments. Developers can create custom adapters and manage AI tools seamlessly.
LiftKit is an open-source UI framework designed to address symmetry issues in design. It features a modular control panel for real-time color adjustments and advanced typography controls, allowing for flexible component customization. Users can create and manipulate design elements with precision, using a global scale factor for consistent proportions.
Clawdbot is an open-source AI assistant that runs locally on your computer, integrating with popular chat platforms. It features a persistent memory system that retains context from conversations, allowing users to manage tasks like emails and scheduling without relying on cloud storage.
The article highlights the three projects receiving support from the 2025 Spotify FOSS Fund: FFmpeg, Mock Service Worker (MSW), and Xiph.org. It details the funding amounts and the impact these projects have on open source technology, particularly in media and API development.
This article outlines key security measures for npm maintainers in response to recent attacks, including the Shai-Hulud incident. It emphasizes using trusted publishing, enforcing two-factor authentication, and adopting WebAuthn for better account protection. These steps aim to strengthen the overall security of the npm ecosystem.
This report presents the Qwen3-ASR family, featuring two advanced speech recognition models that support 52 languages. The 1.7B model offers top performance among open-source options, while the 0.6B model balances accuracy and efficiency, achieving rapid transcription and efficient forced alignment for text-speech pairs. Both models are released under the Apache 2.0 license for community use.
OpenMalleableC2 is a library that replicates Cobalt Strike's Malleable C2 profile format for HTTP transformations. It allows security researchers and red teams to customize C2 communications in their tools, enhancing the ability to disguise callback data in HTTP requests. The project includes a basic example of a "ping pong" agent and server for demonstration.
AppControl Manager is a tool for managing App Control and Code Integrity on Windows devices. It provides a user-friendly interface and operates securely without third-party dependencies. The application supports various Windows versions and focuses on maintaining a strong security posture.
DeepSeek's AI model, DeepSeekMath-V2, earned gold by solving five of six problems at the International Mathematics Olympiad 2025. The model is open-source under the Apache 2.0 license, enhancing access to advanced mathematical AI tools.
Bun has been acquired by Anthropic, which will integrate it into its AI coding products like Claude Code. The acquisition promises to maintain Bun's open-source status while enhancing its development and capabilities for AI-driven software.
Gambit is an open-source framework designed for creating structured workflows using LLMs. It emphasizes building small, typed components called “decks” with clear input and output specifications, allowing for easier debugging and orchestration. The framework supports both local and browser executions, making it flexible for developers.