Open Port ~/ security / news / blog

The Route Into GitHub Began Upstream

GitHub said it detected and contained a compromise of an employee device on May 18 involving a poisoned third-party Visual Studio Code extension. The activity involved exfiltration of GitHub-internal repositories only, and the attacker's claim of approximately 3,800 repositories was directionally consistent with the company's investigation.

The company also reported no evidence of impact to customer information stored outside its internal repositories. The entry point is what makes the incident unusual. GitHub's public account did not describe a direct compromise of its own platform or production systems. It centered on software running on a developer workstation: an editor extension installed through the same kind of channel developers use every day.

The trail runs backward from that employee device, through the compromised extension, and into an earlier supply-chain incident that set the route in motion.


Nmap for Penetration Testing

Nmap, short for Network Mapper, is one of the first tools a penetration tester reaches for when trying to understand a network. It helps answer the early questions that shape the rest of an assessment:

- What hosts are online?
- What ports are open?
- What services are running?
- What versions are exposed?
- Is traffic being filtered?
- What deserves closer review?

Before scanning anything, know where you are. A pen tester should understand the local network range before running discovery or port scans.


Cracking Hashes with John the Ripper

Today I started learning about the basics of John the Ripper. John is a popular password-cracking tool used to test password hashes and identify weak passwords.

Before covering the basics of the tool, it helps to understand a few cryptography terms and how password cracking works.

Most modern systems do not store user passwords in plain text. Instead, they store a hashed version of the password.


Hello World: My First Step into Cybersecurity

Hello World.

It is usually a beginner's first step into programming. The program itself barely does anything. It prints a line of text and exits. But that is the point. It is the first time you make something run.

Cybersecurity feels similar. At the beginning, everything looks bigger than it is: protocols you can't name, exploits you don't understand, tools you've never touched. Then you start small. You build a lab. You scan a machine. You break something. You fix it. You write down what happened.
