Blog Archive

Safer together: Snyk and CISPA collaborate for the greater good

June 6, 2022

Snyk finds 200+ malicious npm packages, including Cobalt Strike dependency confusion attacks

May 24, 2022

How LiveRamp used Snyk to remediate Log4Shell

May 19, 2022

Ignoring vulnerabilities with Snyk

May 3, 2022

Targeted npm dependency confusion attack caught red-handed

April 30, 2022

An unintimidating introduction to the dark arts of C/C++ vulnerabilities

April 15, 2022

Browsers tormented by open roll vulnerability

April 1, 2022

Alert: LaughTilYouCry ransomware sabotages npm package (with puns)

April 1, 2022

Spring4Shell: The zero-day RCE in the Spring Framework explained

April 1, 2022

Spring4Shell: What we know about the Java RCE vulnerability

March 31, 2022

Protestware is trending in open source: 4 different types and their impact

March 22, 2022

dompdf security alert: RCE vulnerability found in popular PHP PDF library

March 18, 2022

Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine

March 16, 2022

Magento security requires additional patch to fix sanitization vulnerability

February 24, 2022

Join The Big Fix: a 24-hour livestream dedicated to fixing security vulnerabilities in your projects

February 21, 2022

CVE-2022-24086 Vulnerability alert for websites using Magento Ecommerce

February 17, 2022

Teaming up with Sysdig to deliver developer and runtime Kubernetes security

February 16, 2022

Lessons learned from the Argo CD zero-day vulnerability (CVE-2022-24348)

February 10, 2022

Log4Shell remediation with Snyk by the numbers

February 5, 2022

Fun with ciphers in copycat Wordles

February 2, 2022

Analyzing the PwnKit local privilege escalation exploit

January 29, 2022