Security Affairs
INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|INTERPOL Operation First Light Nets 5,811 Arrests and Seizes $293 Million|GodDamn Ransomware Uses PoisonX to Blind Security Software|AssuranceAmerica Breach Exposes 7 Million Driver’s Licenses After Employee Account Hack|Microsoft fixed Defender flaw RoguePlanet (CVE-2026-50656)|Fake VPN and 7-Zip Apps Turn Victims Into Residential Proxy Nodes|Ubiquiti Patches Critical UniFi OS Flaws Allowing Command Injection and Privilege Escalation|A Hacker Claims 35 GB of Accenture Source Code. The Company discloses the data breach|Telegram-Hosted RedWing Malware Lets Anyone Rent Android Spyware Tools|U.S. CISA adds Adobe ColdFusion, Joomlack Page Builder, Langflow, and JoomShaper SP Page Builder flaws to its Known Exploited Vulnerabilities catalog|CISA Deploys Anthropic’s Mythos AI to Hunt Vulnerabilities in U.S. Government Code|Critical Gitea Docker Bug Under Active Exploitation Exposes Repositories and Secrets|Spanish Police Arrest Man Linked to CARR, Z-Pentest, and NoName057(16)|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

The new Nmap 7 version just released

After 3.5 years, Fyodor has released the new version of the popular open-source network-exploration tool Nmap 7. After 3.5 years, Fyodor has released the new version of the popular network-exploration tool Nmap 7. Nmap is one of the most popular open-source network mapper, the principal changes announced for this release are: – 3,200 code commits since Nmap […]

The new Nmap 7 version just released

After 3.5 years, Fyodor has released the new version of the popular open-source network-exploration tool Nmap 7.

After 3.5 years, Fyodor has released the new version of the popular network-exploration tool Nmap 7. Nmap is one of the most popular open-source network mapper, the principal changes announced for this release are:

– 3,200 code commits since Nmap 6
– expanded capabilities for its scripting engine including 171 new NSE scripts
– Mature IPv6 support from host discovery, port scanning and OS detection

Serious vulnerabilities like Heartbleed, POODLE, and FREAK could be easily detected by using the automated scanners implemented by Nmap 7.

Nmap 7 network scanner tool 2

A new implementation for the ssl-enum-ciphers script allows to perform fast analysis of TLS connections by enumerating SSL/TLS protocol versions and cipher suites. It could allow to rapidly identify deployment problems.

The tool could be used to easily find vulnerable servers, Nmap 7 includes speedups and scanning improvements. The new version of the tool includes a newer and faster Nmap Scripting Engine (NSE), it also allows users to write Lua scripts.

“The venerable RPC grinder which used to run with -sV is now an NSE script: rpc-grind. This allowed us to cull a bunch of old C code in favor of more maintainable Lua, as well as make a noticeable improvement in scanning speed, all while using a fifth of the number of code lines.” states the post on the Nmap 7 version.

The library of scripts available in the Nmap 7 has expanded from 348 to 515. Some of the scripts included in the tool could be used to rapidly check for SSL vulnerabilities (i.e. Heartbleed, POODLE and Shellshock) and for HTTP flaws such as Slowloris and Misfortune Cookie.

The new engine can also output parsable XML and implements the support for shared libraries across scripts.

“NSE joins the rest of Nmap in being able to output parseable XML. Instead of just a text blob in Nmap’s XML output, scripts can now return structured information that can be quickly extracted with an XML parser. All new scripts produce structured output, most older scripts have been converted, and any script using the vulns library is automatically upgraded.”

If you want to download Nmap 7 click here.

Pierluigi Paganini

(Security Affairs – Nmap 7, hacking)