SuiteCRM: PHAR deserialization vulnerability to code execution

This advisory details a PHAR deserialization vulnerability that exists in SuiteCRM which could be leveraged by an authenticated administrator to execute commands on the underlying operating system.

May 7, 2021

Snyk uncovers malicious code activities in open source supply chain security on the npm registry

In a recent npm security research activity, Snyk uncovered a total of 8 npm packages that matched a specific malicious code vector of attack.

May 5, 2021

GitHub Security Code Scanning: Secure your open source dependencies

Snyk Open Source support for GitHub Security Code Scanning lets you automatically scan your open source dependencies for security vulnerabilities and license issues, as well as view results directly from within GitHub’s Security tab.

May 4, 2021

Snyk API Wednesdays

Welcome to Snyk API Wednesdays! This is our newest blog series that highlights the different ways the Snyk API is leveraged by our customers. Snyk’s extensibility and API enable developers to tune Snyk’s security automation to their specific workflows, ensuring both developer experience and consistent platform governance.

How AppSec has evolved in 2021: Reddit’s perspective

As organizations continue to rely on software for core business processes, application security (AppSec) is an ever-critical consideration.

May 3, 2021

Snyk & Intuit roundtable: Breaking silos, engaging with security and developer communities

During our roundtable discussion with Intuit, we tackled the question, "How can we make security appealing to developers?"

April 30, 2021

Why developer-first SAST tools are the future of code security

The future of code security depends on SAST tools that are fast, accurate, and developer-first. Additionally, they need to offer recommended fixes for vulnerabilities, putting security expertise in the developer toolkit.

April 28, 2021

Secure Elixir development with Snyk

Announcing Snyk support for secure Elixir development. Snyk enables development and security teams to easily find, prioritize and fix vulnerabilities in the Elixir and Erlang packages they're using to build applications.

April 27, 2021

Celebrating four years of developer-first integrations at Atlassian Team ‘21

Snyk is celebrating our 4-year partnership with Atlassian at Atlassian Team ‘21 with a big announcement.

April 26, 2021

Snyk IaC public beta introduces Terraform plan analysis

Snyk Infrastructure as Code beta helps you perform Terraform plan analysis for security vulnerabilities before applying your changes.

April 22, 2021

Snyk Maven plugin: Integrated security vulnerability scanning for developers

the Snyk Maven plugin so you can now scan your application for security vulnerabilities in third-party libraries as part of your build cycle—putting security expertise in the hands of developers.

April 20, 2021

Code Dx 5.3 integrates with Snyk for comprehensive vulnerability management

Code Dx 5.3 now includes a connector with Snyk, giving customers visibility to open source dependencies, license issues, and container vulnerability management.

April 19, 2021