Release Notes

What's new in PhantomYerra — full version history, new features, and bug fixes.

Auto-Update: PhantomYerra checks phantomyerra.com/updates/latest.yml on every launch. When a new version is available, an update banner appears in the top bar — click Download to fetch in the background, then Restart & Install.
v44.32.54 2026-04-06
Latest
Red Team Intelligence · CVE Pre-Load · Authenticated Testing
  • NEW Red Team Intelligence page (sidebar → ⚔️ Red Team Intel): live CVE feed cross-referenced against your org's tech stack. Filter by 24h / 48h / 7d / 30d / 1yr. Separate tabs for CVEs, active Exploits, and CISA KEV. Summary dashboard shows critical count, KEV count, exploit-available count, org-relevant matches.
  • NEW ⚡ Exploit button — appears inline on any CVE that has an exploit or PoC available. Opens a wizard to configure: target URL, auth type (none / Bearer / API Key / Cookie / Basic), then streams live Nuclei exploitation over SSE. See each stage in real time (reachability → scan → CVE lookup → PoC build → save report). Get confirmed findings with severity, matched URL, description, remediation, and copy-ready curl command.
  • NEW CVE data pre-loaded before UI — Python startup phases seed and sync the full CVE database before the main window opens. Threat data is available instantly on first paint. No loading spinners on the home screen.
  • FIX Authenticated testing fully wired end-to-end. Auth Vault step in the scan wizard now correctly passes credentials + auth headers to every scan tool. Supported types: Bearer token, API Key (custom header), Session Cookie, HTTP Basic, TOTP, SAML session cookie. Headers inject into Nuclei (-H flags), ZAP authentication config, DAST orchestrator, OpenAPI tester, web crawler, and injection scanner.
  • FIX Auto-updater: removed dev-mode guard so update checks always run regardless of environment. 20-second timeout prevents update banner from hanging on slow networks.

How to use the Exploit button

  1. Go to Red Team Intel in the sidebar (⚔️ icon)
  2. Select a time window — Past 24 Hours is a good starting point
  3. Enable Org Profile Only to filter to CVEs relevant to your tech stack
  4. Enable Exploit Available to focus on actionable CVEs
  5. Find a CVE — click the row to expand details, then click ⚡ Exploit
  6. Enter your target URL and auth credentials (if testing an authenticated surface)
  7. Click 🚀 Launch Exploit — watch the live log stream
  8. When complete: copy the curl PoC command, download the JSON report, or run again

How to set up authenticated scanning

  1. Start the scan wizard (New Scan in sidebar)
  2. Proceed to the Auth Vault step
  3. Click + Add Credential Role and name it (e.g. "Admin User")
  4. Select your auth type from the dropdown: Bearer Token, API Key, Cookie, Basic, TOTP, or SAML
  5. Fill in the corresponding fields (token, header name, cookie name/value, username/password)
  6. Click Save & Continue — credentials are forwarded to all scan tools automatically
v44.32.52 2026-04-06
Tailwind CSS · 20+ Pages Now Fully Styled
  • FIX Added Tailwind CSS configuration — 20+ pages that were rendering unstyled (CVE Feed, AI/LLM scan, Automotive, Findings Detail, Integrations, and more) now display correctly
  • FIX 11 scan-surface pages now correctly routed and reachable from the sidebar: Web, API/GraphQL, Mobile, IoT, Cloud, SAST, DAST, SBOM, Automotive, AI/LLM, Reverse Engineering
  • FIX Settings page version number now dynamically reads from the installed build instead of showing hardcoded v1.0.0
v44.32.49 2026-04-06
AI Key Delivery · Update Reliability · Splash Minimize
  • FIX AI key delivery fixed — reads from locally stored key immediately after activation, eliminating a 20-second timeout race on first launch
  • FIX Network errors during background update checks are now silent — no more error dialogs appearing during startup on restricted networks
  • NEW Splash screen now has a minimize button ( — ) so you can use other apps while PhantomYerra boots
  • FIX Update check now uses a 20-second timeout with Promise.race — the update banner never freezes the UI on slow connections
v44.32.46 2026-04-06
Per-Module Scan Quotas
  • NEW All scan modules now enforce license-based scan quotas. A quota badge on every launch button shows scans remaining — turns amber when under 60%, red when under 40%
  • NEW When quota is exceeded, a dialog blocks the scan and shows a usage progress bar with options to contact support
  • Affected modules: Web/DAST, Mobile, SAST, Network, Manual Pentest, Automotive/ICS, AI/LLM
v44.32.44 2026-04-06
Attack Graph Demo Chain · External Links · License Page
  • FIX NVD, MITRE, ExploitDB, GitHub PoC, and CISA KEV external links now correctly open in the system browser (previously denied by the window open handler)
  • NEW Attack Graph now shows a full demo attack chain on new installs before any scans are run — Discovery → Exploitation → Lateral Movement → Escalation
  • NEW License & About page (/license) — shows license status badge, company info, AI config, active modules grid, and named seats table
v44.32.43 2026-04-06
Installer Packaging Fix · Linux Build Pipeline
  • FIX Fixed Cannot find module electron-updater crash on launch — production node_modules are now correctly packaged in the installer
  • NEW Separate Linux build pipeline — Linux builds output to dist/linux/ and no longer overwrite Windows installer files
v44.32.42 2026-04-06
First Windows + Linux Simultaneous Release · Help System
  • NEW First release shipping Windows (.exe) and Linux (.AppImage) simultaneously from the same build pipeline
  • NEW Complete Help system shipped — 20+ pages covering every scan surface, first-launch guide, license activation walkthrough, report generation, and more
  • FIX Removed all "Development Mode" user-facing references — license status now shows Active
v44.32.41 2026-04-06
License Page · OpenAPI Spec-Driven Testing · Quota System
  • NEW License & About page with active modules grid, named seats table, and AI config status
  • NEW API / DAST wizard now accepts OpenAPI 3.x / Swagger 2.0 spec URL — auto-discovers and tests every documented endpoint for OWASP API Top 10
  • NEW Per-module quota tracking and enforcement system
v44.32.40 2026-04-05
Auto-Update System · PDF Report Fix · Business Logic AI
  • NEW Auto-update system — PhantomYerra checks phantomyerra.com/updates/latest.yml on every launch and every 4 hours. In-app banner shows when a new version is ready
  • FIX PDF and DOCX report color fix — executive summary and finding body text now renders dark-on-white correctly in all report formats
  • NEW Business Logic step rebuilt with AI chat-bubble UI — typing indicator, progress bar, and surface-specific question flow
  • NEW CVE Intel page no longer leaks polling requests after tab switch
v44.32.39 2026-04-05
Fast Boot · Live Splash Status · Launch Anyway Button
  • FIX Splash screen no longer stuck for 3–10 minutes on repeat launches — pip install now skips if all packages are already installed (instant boot path)
  • NEW Live boot status bar on splash shows each phase (License check → CVE seed → ExploitDB → PoC library) with real-time progress
  • NEW Launch Anyway button appears after 90 seconds on slow machines
v44.32.37 2026-04-05
Self-Contained Installer — Zero Downloads Required
  • NEW Bundled Python 3.12.10 embedded runtime — the installer requires zero internet access and zero user prompts. No "Python could not be downloaded" errors ever.
  • FIX NSIS installer completely rewritten — removed all download-at-install-time code
  • Python is found at resources/python-embedded/python.exe and used for all sidecar operations

How PhantomYerra Updates Work

  1. On every launch, PhantomYerra silently checks https://phantomyerra.com/updates/latest.yml
  2. If the server version is higher than the running version, the Update Available banner appears in the top bar
  3. Click Download — the installer downloads in the background. You can keep working.
  4. When the download finishes, the button changes to Restart & Install
  5. Click it — PhantomYerra closes, the installer runs silently, and PhantomYerra re-opens on the new version
No data loss: All your scans, findings, reports, and settings are stored in %APPDATA%\PhantomYerra\data\ and are never touched by updates.

Frequently Asked Questions

How do I know which version I'm running?

Open Settings → About or look at the bottom of the sidebar — the version is shown next to the copyright notice. The splash screen also displays the version during boot.

Can I roll back to a previous version?

Yes. Previous installers are permanently available at https://phantomyerra.com/downloads/. Download the specific version EXE and run it — it will install over the current version.

Do updates reset my license?

No. Your license key is stored in %APPDATA%\PhantomYerra\data\ and is never modified by updates. Your activation persists across all version upgrades.

Why is the update banner not showing?

The check happens in the background 8 seconds after launch. If your network blocks phantomyerra.com, the check silently times out (no error shown). Check firewall rules if you're on a restricted corporate network.