Blog Archive

After three years of silence, a new jQuery prototype pollution vulnerability emerges once again

April 15, 2019

Securing Bitbucket Cloud with Snyk

April 4, 2019

Malicious remote code execution backdoor discovered in the popular bootstrap-sass Ruby gem

April 4, 2019

ReDoS vulnerabilities in npm spikes by 143% and XSS continues to grow

February 26, 2019

Open source maintainers want to be secure, but 70% lack skills

February 26, 2019

88% increase in application library vulnerabilities over two years

February 26, 2019

78% of vulnerabilities are found in indirect dependencies, making remediation complex

February 26, 2019

81% believe developers should own security, but they aren’t well-equipped

February 26, 2019

10 npm Security Best Practices

February 19, 2019

NumPy arbitrary code execution vulnerability

February 5, 2019

Launching .NET support for GitHub, Bitbucket and GitLab

February 4, 2019

Severe security vulnerability in Bower’s zip archive extraction

January 31, 2019

Monitoring open source packages at runtime - now in open beta

January 30, 2019

Snyk CLI drops support for Node.js 4 (Argon)

January 24, 2019

Finding open source vulnerabilities within the Bitbucket workflow

January 22, 2019

Faster & improved tests for JavaScript lockfile based projects

December 10, 2018

Introducing open source security runtime monitoring

November 12, 2018

The State of Open Source Security Survey

November 6, 2018

Over 10% of Python packages on PyPI are distributed without a license

September 18, 2018

10 Spring Boot security best practices

August 16, 2018

The most common vulnerabilities in Maven Central and npm

June 27, 2018